Alureon.FE , TROJAN aidez-moiii !!! Fermé

Question

Bonjour, hier soir mon PC ma ouvert une fenêtre comme quoi j'avais un VIRUS nommé '' Alureon.FE, il l'a supprimer '' supposément.

2 minute après, j'Ai eu une petite fenêtre carré sur mon PC qui me disait '' Systeme32 ERROR, cannot readHDD. j'ai rebooter mon ordi et depuis lorsque j'ouvre ma session je n'ai plus de fond d'écran, et plus aucun programme du genre '' Itunes '' WLM '' Internet '' Poste de travail a disparu aussi de mon bureau et tout ce qu'il reste d'accessible ce sont mes documents, mes images, ma musique e.t.c.

Dans l'historique de mes Virus, j'Ai le '' Alureon.FE, et il y en a un autre d'identifier '' exploit JAVA cve 2010-0840 km disk failure.

Aider moi, lorsque j'ai essayer de rentrer en mode sans échec, chaque fois que la session ouvre, elle fermait tout de suite après.


Configuration: Windows Vista / Safari 535.2

Utilisateur anonyme · Accepted Answer

Bonjour

*	Télécharger sur le bureau RogueKiller(par Tigzy)
*	Quitter tous les programmes en cours 
*	Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur 
*	Sinon lancer simplement RogueKiller.exe 
*	Lorsque demandé, taper 2 et valider 
*	Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), donner son contenu à la personne qui vous aide 
*	Si le programme a été bloqué, ne pas hésiter a essayé plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe


@+

Utilisateur anonyme · Answer

Bonsoir

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
Ou ici : https://forospyware.com 
>Renomme le pour l'enregistrer sur ton bureau en  asdehi (tout simplement pour que l'infection ne le contre pas)
-> Double clique combofix.exe.(ou clic droit sous vista «  exécuter en tant que... » )
-> Tape sur la touche 1 (Yes) pour démarrer le scan. 
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt 

 Avant d'utiliser ComboFix :  

->  Déconnecte toi d'Internet et referme les fenêtres de tous les programmes en cours.  

->  Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil. 

Une fois fait, sur ton bureau double-clic sur Combofix.exe ; (ou clic droit sous vista « exécuter en tant que... »)

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc. 


- Installe le console de récupération comme demandé ;utile en cas de plantage

- Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programme. Risque de figer l'ordinateur 

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire. 

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt) 

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. 

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message. 

/!\  Ne touche à rien tant que le scan n'est pas terminé.  /!\ : risque de figer l'ordinateur (plantage complet) 


::Si combofix détecte quelque chose et de demande a redémarrer tu acceptes


@+

konascrap · Answer

Je ne suis pas a la maison pour l'instant j'y serais dans 3 heures, il m'est presque impossible d'ouvrir une page internet avant que plein de truc apparaissent et m'empêche de pouvoir aller sur internet ou quel que part d'Autres.

konascrap · Answer

ComboFix 11-11-17.03 - Administrateur 2011-11-17  12:37:14.1.2 - x86 NETWORK
Microsoft Windows XP Professionnel  5.1.2600.3.1252.2.1036.18.2046.1671 [GMT -5:00]
Lancé depuis: c:\documents and settings\Administrateur\Mes documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\bfgMectMnJpVok.exe
c:\documents and settings\All Users\Application Data\NkteX0c5D4T1MJ.exe
c:\documents and settings\All Users\Application Data\POrAEHHCNGan.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\CSC\d6
F:\install.exe
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2011-10-17 au 2011-11-17  ))))))))))))))))))))))))))))))))))))
.
.
2011-11-17 17:24 . 2011-11-17 17:24	--------	d-----w-	c:\documents and settings\Administrateur
2011-11-16 20:00 . 2011-11-16 20:00	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKslc1b323f5.sys
2011-11-16 17:17 . 2011-11-16 17:17	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl01cb9995.sys
2011-11-16 17:15 . 2011-11-16 17:15	--------	d--h--w-	c:\documents and settings\All Users\Application Data\PC Tools
2011-11-16 17:15 . 2011-11-16 17:15	--------	d-----w-	c:\program files\Fichiers communs\PC Tools
2011-11-16 17:15 . 2011-11-16 17:16	--------	d-----w-	c:\program files\Spyware Doctor
2011-11-16 17:10 . 2011-11-16 17:10	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl9e2d6be7.sys
2011-11-15 21:15 . 2011-11-15 21:15	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl94c8bb5d.sys
2011-11-15 21:15 . 2011-11-16 20:00	56200	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\offreg.dll
2011-11-15 21:09 . 2011-11-15 21:09	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKslb6014e15.sys
2011-11-15 21:04 . 2011-11-15 21:04	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl0f7b6dcd.sys
2011-11-15 20:46 . 2011-11-15 20:46	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl773502a1.sys
2011-11-15 20:40 . 2011-11-15 20:40	28752	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl223946f3.sys
2011-11-14 22:42 . 2011-10-07 00:48	6668624	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\mpengine.dll
2011-11-14 00:41 . 2011-11-14 00:41	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-02 23:44 . 2011-11-03 01:41	--------	d-----w-	c:\program files\Mount&Blade Warband
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-10 14:23 . 2010-03-15 00:36	692736	----a-w-	c:\windows\system32\inetcomm.dll
2011-10-07 00:48 . 2010-07-18 05:58	6668624	---ha-w-	c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-28 07:06 . 2004-08-10 12:00	606208	----a-w-	c:\windows\system32\crypt32.dll
2011-09-26 15:41 . 2010-03-18 14:09	614400	----a-w-	c:\windows\system32\uiautomationcore.dll
2011-09-26 15:41 . 2004-08-10 12:00	22528	----a-w-	c:\windows\system32\oleaccrc.dll
2011-09-26 15:41 . 2004-08-10 12:00	220160	----a-w-	c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2004-08-10 12:00	1859072	----a-w-	c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2006-03-04 03:35	916480	----a-w-	c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2004-08-10 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2004-08-10 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2004-08-10 12:00	385024	----a-w-	c:\windows\system32\html.iec
2011-11-09 21:49 . 2011-05-10 23:47	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-10 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-10 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2004-08-10 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 16813155807C6881F4BFBF6657424659 . 25216 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 16813155807C6881F4BFBF6657424659 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-10 . E798705E8DC7FAB596EF6BFDF167E007 . 25216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
dis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers
dis.sys
[-] 2004-08-10 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$
dis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
tfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers
tfs.sys
[-] 2004-08-10 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$
tfs.sys
.
[-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache
ull.sys
[-] 2004-08-10 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers
ull.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE	cpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE	cpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache	cpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers	cpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$	cpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386	cpip.sys
[-] 2004-08-10 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$	cpip.sys
.
[-] 2008-04-14 . 06B54A7B1EF7CB16BFD0E208D343FA71 . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2008-04-14 . 06B54A7B1EF7CB16BFD0E208D343FA71 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2004-08-10 . CE9DC7CC6D75515EE62CA341473EC5F3 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll
.
[-] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . 91E6024D6D4DCDECDB36C43ECF9BBECB . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-10 . 9F3744A5C6F49291A7A685040A013399 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
etman.dll
[-] 2008-04-14 . BE0CB143FA427D93440DED18DB8C918B . 198144 . . [5.1.2600.5512] . . c:\windows\system32
etman.dll
[-] 2004-08-10 . 624CF700BBFD8BE4097AAA146E6BD363 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$
etman.dll
.
[-] 2008-04-14 02:33 . F4B7146C7EED6C4E158DCD9B5266C25A . 851968 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 02:33 . F4B7146C7EED6C4E158DCD9B5266C25A . 851968 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2004-08-10 12:00 . 19428638D8F4440F67519BD03A623BBB . 851968 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . BAA0B6E647C1AD593E9BAE5CC31BCFFB . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-10 . 87424817F82CF6A7F55DAC01A20111A3 . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . F83B964469D230F445613C44DF9FE25D . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFEpcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . c:\windows\system32pcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcachepcss.dll
[-] 2008-04-14 . 3D65EB82E1FA6DB15A33E024C9E03CAB . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$pcss.dll
[-] 2008-04-14 . 3D65EB82E1FA6DB15A33E024C9E03CAB . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386pcss.dll
[-] 2004-08-10 . 2477917B158327410E615C582A3A4C0B . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$pcss.dll
.
[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 54CB50058851D95E56EC70D09F70857F . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 54CB50058851D95E56EC70D09F70857F . 109056 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-10 . 732E0B1ABAACE15D80EC19056B0A2AF9 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
[-] 2008-04-14 . 460E4CE148BD07218DA0B6A3D31885A9 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2004-08-10 . B4EF928E4FAD79364A80ACBA6D999934 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe
.
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-10 . D2DE785AEAB0BB8CA4C14A8A199DBE4E . 506368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2010-08-23 . 4C96AB448A3014EBC11E1D3868071391 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 4C96AB448A3014EBC11E1D3868071391 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . AD6F8920E9BC4ADF4F2844E3ED0D47AF . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . F92E6BEA9349D49341383F8403B4DFE5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2004-08-10 . A53B48B5AB9A5DA76ED247D61B0B0ADD . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2004-08-10 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2004-08-10 . 97668958194B82F5B88EABC88ACA5AE1 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . 7A6D0B71035E123FDDA2156A25578AD3 . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-10 . BDDF3723D95DC28D78B1E93119E0E6AB . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:24 . 157F9C595FD0D10502497DC4C1348D17 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 02:33 . 9FD4A0615BF3E9388A46EDF8774C7294 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 02:33 . 9FD4A0615BF3E9388A46EDF8774C7294 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-10 12:00 . BBA1D0A306ABE68A13F58FDBE97E9AF4 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2008-04-14 . 0469B73DB32E5520F342C5E163AA3CCA . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0469B73DB32E5520F342C5E163AA3CCA . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-10 . 39EE5FAF56260EBB8D77A08F525EBBB4 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . C3AF0EEE26B59484E674673E3016AAB7 . 1056768 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . 3AC8886DFA5AB641417DF4D3B7F5512E . 1054720 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . 3AC8886DFA5AB641417DF4D3B7F5512E . 1054720 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-10 . 7830E20C74611281B1BDAE5888CD50F5 . 1048576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
.
[-] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 5C64008E661307C4A3C3C25D9086CDE7 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-10 . 9D21BC0235494F2B403026A1D3619E00 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . 982B2C204337C3B12211E1E1D9BA8C9C . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 982B2C204337C3B12211E1E1D9BA8C9C . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-10 . 8C97E0E3DAA99659D4F4B44CC1F282A6 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2011-10-03 . 74BED1542D59A83B1B13BCCF73A45D30 . 5971456 . . [8.00.6001.19154] . . c:\windows\system32\mshtml.dll
[-] 2011-10-03 . 74BED1542D59A83B1B13BCCF73A45D30 . 5971456 . . [8.00.6001.19154] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2011-10-03 . 04B3377227CD337F740A1BE05A33E6D7 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
[-] 2011-07-25 . B8F6D02D7BE68036675C7315460F3198 . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
[-] 2011-07-25 . D56D2C438D98AE7706E342C063FC8178 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
[-] 2011-05-30 . 00A80397727F8D87B75916D32B002B32 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
[-] 2011-05-30 . 4FA897D7C84EB0F5AB8429DFC98A5FB0 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . 87AD8BE7B6A2AA21BD05BAEEC42ADE1C . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . 8B82D452F8BFCDC50D1C003957EB4C24 . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
[-] 2010-12-20 . 57840C53F8FA1928AD7A02A61C990401 . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
[-] 2010-12-20 . 6CEA3DF10D6B27C2A98EBDD4DDBE7646 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 04210EEC4675E1304C0F9BDCE7A6735F . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 77EF4923A564EE6415A0204B299C91C2 . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
[-] 2010-09-10 . 07F85C15C4C0950DB8B5D4509D38182D . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
[-] 2010-09-10 . E97A32E6341D4ED609514D59EB5D0E3D . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 7B63F9D998AF9FB1E147A71871773F9C . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . D1829B36DF1006D2B0954910A757AF84 . 5951488 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\mshtml.dll
[-] 2010-05-06 . 58AF16DE738F10213E86FEF10836D0E5 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
[-] 2010-05-06 . 705DA0AFB48A9333747475AD5600A902 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-04-16 . 5E2FF63E99CE871151A218DE09FC954F . 3094016 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\821b8fbeac3c5f446c31f3414b7677b9\sp3gdr\mshtml.dll
[-] 2010-04-16 . E393E03FEDA7DD46EC8351195CB1E8CD . 3094528 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\821b8fbeac3c5f446c31f3414b7677b9\sp3qfe\mshtml.dll
[-] 2010-02-25 . B8B420A6EB2BB50AA014CD99C96CF983 . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-22 . A7F23A7113C54B1D3E8B736723431197 . 3092480 . . [6.00.2900.5921] . . c:\windows\ie8\mshtml.dll
[-] 2009-12-22 . 0935EDE7EDD8031598F8183B487F55D8 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[-] 2009-12-21 . FE1B72EA7D56047544F71E6561E92D6B . 5942784 . . [8.00.6001.18876] . . c:\windows\SoftwareDistribution\Download\ef26a0f0f5131f2500ac4db71a2e3923\SP3GDR\mshtml.dll
[-] 2009-12-21 . 4C3B72EA3B0835689AB747AF08586F2D . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . 4C3B72EA3B0835689AB747AF08586F2D . 5945856 . . [8.00.6001.22967] . . c:\windows\SoftwareDistribution\Download\ef26a0f0f5131f2500ac4db71a2e3923\SP3QFE\mshtml.dll
[-] 2009-10-29 . 09CF09FD79B523D72E63C7C87DA42B7B . 5940736 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\c606a8456b5ceb53245c2f7cc6b707d4\SP3GDR\mshtml.dll
[-] 2009-10-29 . CAAC5BF7EB6B3D0E58C9E94C70ACA4FC . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . CAAC5BF7EB6B3D0E58C9E94C70ACA4FC . 5944320 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\c606a8456b5ceb53245c2f7cc6b707d4\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2008-04-14 . C4153F037157C7BE7C54FD88887F027D . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB978207$\mshtml.dll
[-] 2008-04-14 . C4153F037157C7BE7C54FD88887F027D . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2006-03-23 . AC77AAD0D3F9D6490F7B5F697DDAD483 . 3076608 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2006-03-23 . AC77AAD0D3F9D6490F7B5F697DDAD483 . 3076608 . . [6.00.2900.2873] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2006-03-23 . E0F2B20C0DB70BC649FA10EB7405CADB . 3074560 . . [6.00.2900.2873] . . c:\windows\$NtUninstallKB912812$\mshtml.dll
.
[-] 2008-04-14 . 3891413139EAABFEFE9B0CA49B5CD395 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 3891413139EAABFEFE9B0CA49B5CD395 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D33CD21D476C3A07DD88F83850A17432 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-10 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-10 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2004-08-10 . 5C53FCABF891ECDC7156544E5B03FE71 . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . C759B3790D3BA760C52E218EF4886DAC . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . C759B3790D3BA760C52E218EF4886DAC . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 6F5F546A92C7B6AE45DB1D6910781EB0 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 6F5F546A92C7B6AE45DB1D6910781EB0 . 247808 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . 196CCC3FDD21665DCAA9F83FFC03B41A . 247808 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . 196CCC3FDD21665DCAA9F83FFC03B41A . 247808 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-10 . CCDD3433F3C3BD0D8502B38FD155B2F0 . 247808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[-] 2008-04-14 . 04821179C3171554C1BD1F9888A113E2 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
etlogon.dll
[-] 2008-04-14 . 04821179C3171554C1BD1F9888A113E2 . 407040 . . [5.1.2600.5512] . . c:\windows\system32
etlogon.dll
[-] 2004-08-10 . FAF07FDCDE76000621A28D19F8E2E8EB . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$
etlogon.dll
.
[-] 2008-04-14 . 9F2C862E39BF8E8FC51C3F6A6BCEB415 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9F2C862E39BF8E8FC51C3F6A6BCEB415 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-10 . B02E4DDBE0E98F42F3B61292DDB3A104 . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 973B36634C544948C663E8269AA1B3A3 . 187392 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 973B36634C544948C663E8269AA1B3A3 . 187392 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-10 . DEC0397F35D027874804EC72979D03CC . 186368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 9A4E7ECBB5B7FB86F3B926AB039F4FEC . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 9A4E7ECBB5B7FB86F3B926AB039F4FEC . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-10 . 94559DE281DADCB58E6A3919C7EAC0B4 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . E4BDF223CD75478BF44567B4D5C2634D . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-10 . 1BD6C2F707A275CB7C16FD99FE0F31CA . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386	apisrv.dll
[-] 2008-04-14 . 8E5231171AD6595FF002E848CC54FCD7 . 249856 . . [5.1.2600.5512] . . c:\windows\system32	apisrv.dll
[-] 2004-08-10 . 2490CAE37DB8B6EC55E7A9415473D0AB . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$	apisrv.dll
.
[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-10 . E46FB493E3B33704F0715020CF52106B . 578048 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . E74DDB12188C2FF57A78624DBF7332FC . 26624 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . E74DDB12188C2FF57A78624DBF7332FC . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-10 . D6D65EA32B190401B57EDB6706F29669 . 25088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2011-08-22 . 7DF35C3D173E799F97F208CC5F3B1C93 . 916480 . . [8.00.6001.19131] . . c:\windows\system32\wininet.dll
[-] 2011-08-22 . 7DF35C3D173E799F97F208CC5F3B1C93 . 916480 . . [8.00.6001.19131] . . c:\windows\system32\dllcache\wininet.dll
[-] 2011-08-22 . 96F7E8DFF026E48DD7655DBFC47E7944 . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[-] 2011-06-23 . 3008D2F793F23FF0DDBC5A1FB9F8374F . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll
[-] 2011-06-23 . 66B28BE3DD3BDBD020B4317AD7051427 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[-] 2011-04-25 . 42F5E14E33D79C236680468B1E4999F4 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[-] 2011-04-25 . E996F26337B0DEA2650CEAD393C15B82 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . 8B466303E57E69AC1F82849006BADAAD . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . 77C66BD5CED4E555919A5FB713322CDD . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll
[-] 2010-12-20 . AF4EAA3B35A2D206E1902D7CA61B958A . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll
[-] 2010-12-20 . 2F0037D24E82840EF1D47B635B37301A . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 59EED8A2D9A36A824834E0CFDB403A71 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 85DCE8DAFD2AC492AFACC528161611BB . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll
[-] 2010-09-10 . A7E08F8C451076D4234AEB380693E45A . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[-] 2010-09-10 . 73F26DB9C92C7A8259B534451E3B18F9 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 9BB4D31E5EF3BA1FBA3ECBECD85B3360 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . A91B0454DF71BDF4906EAB2D098A30EC . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . B98E84E2CD3EE25D6D41936352E93112 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . C906F4EA76E7BEC9255776E626086B95 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-04-16 . 1B7EBDD150980FFA0597E94D4D6810A5 . 671232 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\821b8fbeac3c5f446c31f3414b7677b9\sp3gdr\wininet.dll
[-] 2010-04-16 . 618BAA71E2639379B9947530677FF103 . 672768 . . [6.00.2900.5969] . . c:\windows\SoftwareDistribution\Download\821b8fbeac3c5f446c31f3414b7677b9\sp3qfe\wininet.dll
[-] 2010-02-25 . B667625B38B5EA389044F90BDE80C4FD . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-22 . A3AF5EEC47D71F7F135CC4487E7D884D . 671232 . . [6.00.2900.5921] . . c:\windows\ie8\wininet.dll
[-] 2009-12-22 . 6F18BDEDD53274AD3E5F55A454CD4A92 . 672768 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[-] 2009-12-21 . A8D4AB4ECD850013612E2B6F96EF2394 . 916480 . . [8.00.6001.18876] . . c:\windows\SoftwareDistribution\Download\ef26a0f0f5131f2500ac4db71a2e3923\SP3GDR\wininet.dll
[-] 2009-12-21 . 413508B6F20DAA22074E3E1558850447 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . 413508B6F20DAA22074E3E1558850447 . 916480 . . [8.00.6001.22967] . . c:\windows\SoftwareDistribution\Download\ef26a0f0f5131f2500ac4db71a2e3923\SP3QFE\wininet.dll
[-] 2009-10-29 . AB28712FEB7BE2A52A9ABFA0FF94C1B6 . 916480 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\c606a8456b5ceb53245c2f7cc6b707d4\SP3GDR\wininet.dll
[-] 2009-10-29 . F461ACD33F06BF1FB28FFF1EF345FE63 . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . F461ACD33F06BF1FB28FFF1EF345FE63 . 916480 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\c606a8456b5ceb53245c2f7cc6b707d4\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2008-04-14 . 4A6E04EA20F48D750D9BFED8600D516B . 670208 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB978207$\wininet.dll
[-] 2008-04-14 . 4A6E04EA20F48D750D9BFED8600D516B . 670208 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2006-03-04 . 241DBC4C2714B2F39AFDED49459ED420 . 667648 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-03-04 . 241DBC4C2714B2F39AFDED49459ED420 . 667648 . . [6.00.2900.2861] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2006-03-04 . 19E1A21F21BC938A92EE8BE630994493 . 662528 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB912812$\wininet.dll
.
[-] 2008-04-14 . FB836F9E62D82904C983AD21296A5D9C . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . FB836F9E62D82904C983AD21296A5D9C . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-10 . BC41F51A39D3B255805FDB759B7814AE . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . 36A608BF354FCC64AD6C0F2B5E2B8806 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 36A608BF354FCC64AD6C0F2B5E2B8806 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-10 . CB99D66483437E06286D4401A151D4E4 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-10 . 4C33E5B9A6197B6ED215F6CFBA0A2DAA . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . ADF88D0996A634B5B13EE8FB9595647D . 153088 . . [5.1.2600.5512] . . c:\windowsegedit.exe
[-] 2008-04-14 . ADF88D0996A634B5B13EE8FB9595647D . 153088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386egedit.exe
[-] 2004-08-10 . 47D9746DB5064D95DFB0E4D88A10C540 . 153088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$egedit.exe
.
[-] 2010-07-16 . A867E538CFD78CB10B3EEF2495C10F00 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . A867E538CFD78CB10B3EEF2495C10F00 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . 210E7ADFEFA2879115612E5C02D410D6 . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . 9245FAF86A8235D5290A23C010DABD43 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . 9245FAF86A8235D5290A23C010DABD43 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2004-08-10 . A2AD7FCB806A2035F506664883F45B32 . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll
.
[-] 2010-04-16 . E441C6889101BEEB1237855D0683C763 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . E441C6889101BEEB1237855D0683C763 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . A044F43EACDB453AE6DA308DE9BBD51E . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 8B9167A0A9E18E22F31FB4EE2563019A . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 8B9167A0A9E18E22F31FB4EE2563019A . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-10 . A879230B5B7CC091EAA3680EBBA262CE . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[-] 2008-04-14 . C8B7941F9824E9F4D3D7B9B9BAE14FEE . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . C8B7941F9824E9F4D3D7B9B9BAE14FEE . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . C8B7941F9824E9F4D3D7B9B9BAE14FEE . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[-] 2004-08-04 . 30648B4925A6797C05B364F64C3FB86A . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[-] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-10 . 5584247B568C2E53934873F4B655FE6A . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . 1B8542F338CDD86929A084A455837158 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 1B8542F338CDD86929A084A455837158 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 988DD1BCDD050B56F28DFCD16BF26C1B . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . B9F20D71E5B6CE89A7A94B38351FDBDC . 135680 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2004-08-10 . B590E69A45AE8FCBF7DDADE89CCE3588 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-10 . 6469C53F4D16FA6055CCA265BC03DB66 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-10 . 54CDDAD404557ED98433D6ECBFC92691 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . F92A87FDDA0C11C8604FBC2B864FA726 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-10 . 21056AEF44322C3E2DD5391B6AEFA75A . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 4EC800BDF80521B0207BD2301DFC7D14 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 4EC800BDF80521B0207BD2301DFC7D14 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-10 . 21E83876A6287F15538EF187D286FE11 . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-10 . ACF04FB3448D2C2CD3A851C138EC8AB6 . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386egsvc.dll
[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . c:\windows\system32egsvc.dll
[-] 2004-08-10 . 345D02087F5696749C6120359B1E2988 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$egsvc.dll
.
[-] 2008-04-14 . 55F5C5C1BE1A78E285033E432BA01597 . 194560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 55F5C5C1BE1A78E285033E432BA01597 . 194560 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-10 . 4612EC6DAF695B87A2529FCBB95B75DE . 193024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . EA9E0DB8684CEF2FD3BADD671DF5A112 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . EA9E0DB8684CEF2FD3BADD671DF5A112 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-10 . B636478A2569AE69CAF003254022A742 . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . 710BC85A8C22626EE094439E3EA0D38C . 297984 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386	ermsrv.dll
[-] 2008-04-14 . 710BC85A8C22626EE094439E3EA0D38C . 297984 . . [5.1.2600.5512] . . c:\windows\system32	ermsrv.dll
[-] 2005-03-10 . 70921DE4C83652DC301A05F0CC46C985 . 297984 . . [5.1.2600.2627] . . c:\windows\$NtServicePackUninstall$	ermsrv.dll
[-] 2004-08-10 . 7D521B8CF926459E270D18C559323815 . 297984 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB895961$	ermsrv.dll
.
[-] 2008-04-14 . E62B0BE3FC855066C872F5B50A6BCD1B . 347136 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . E62B0BE3FC855066C872F5B50A6BCD1B . 347136 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-10 . 9D39911675347318C17C68B2EA30CF2F . 347648 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . F36C9F78FC902C8DCE4D3B576BB0435A . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . F36C9F78FC902C8DCE4D3B576BB0435A . 176640 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-10 . CE66077813D83C2D6908CDC64AE7E55A . 176640 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2004-08-10 . E4ABC1212B70BB03D35E60681C447210 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-04 03:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-10 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2010-09-18 07:18 . C27D0CD76C1982F36387F2E4F67E64A9 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . 8699BC5CF7FDE1292E7F9B56DD043D82 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . 8699BC5CF7FDE1292E7F9B56DD043D82 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 02:33 . CE21FE79AD3B913A79E0C742BED6BF85 . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2004-08-10 12:00 . E1A34560BF6CE7C703BB67EC4FA70F43 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
.
[-] 2008-04-14 . E67A66A3781C1A483F0F8992664CBE0D . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . E67A66A3781C1A483F0F8992664CBE0D . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-10 . 97939358ED4487CBB4A0D743CE958266 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[-] 2005-08-04 01:14 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\SoftwareDistribution\Download\e0f7a48d15f8264eeb7fdb84ffbbe0d4\mspmsnsv.dll
[-] 2005-08-03 23:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-08-03 23:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\MsPMSNSv.dll
[-] 2005-08-03 23:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-10 12:00 . B751CE6043B33A2EFEABB2D6BA83EC67 . 25600 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
[-] 2010-12-10 . D27A5053A37FB85E8525F998CDC4DE19 . 2071424 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE
tkrnlpa.exe
[-] 2010-12-09 . C605031908817F723D0E779632DC763E . 2029056 . . [5.1.2600.6055] . . c:\windows\system32
tkrnlpa.exe
[-] 2010-12-09 . F2B0235923A03E0FEB5E212B4E9475B6 . 2071424 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386
tkrnlpa.exe
[-] 2010-12-09 . F2B0235923A03E0FEB5E212B4E9475B6 . 2071424 . . [5.1.2600.6055] . . c:\windows\system32\dllcache
tkrnlpa.exe
[-] 2010-04-29 . 4CC0777912FCF5EEDD6FB6ACBFCF75D8 . 2068992 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE
tkrnlpa.exe
[-] 2010-04-28 . E207E2A630F3A0B7901577B2141E89D5 . 2026496 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$
tkrnlpa.exe
[-] 2010-02-16 . D124950F1EF5EEEC0EEE02CD73FB6482 . 2026496 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$
tkrnlpa.exe
[-] 2010-02-16 . 6CB7C9A8C7103FEA51B0D478128CEFC0 . 2068992 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
tkrnlpa.exe
[-] 2009-12-10 . 875EB5E5C8A6B3A2297D87029A880D23 . 2068224 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
tkrnlpa.exe
[-] 2009-12-09 . 17DDA45C41C0E764899A8B1D49475EFE . 2025984 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$
tkrnlpa.exe
[-] 2009-02-09 . C9E530E1258352CC8689173AEFD3A3CF . 2025984 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB977165-v2$
tkrnlpa.exe
[-] 2009-02-09 . ED5E20AE4AC5A63A4FF43FFE704A5153 . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
tkrnlpa.exe
[-] 2008-04-14 . 92E82482CDB39929CF7B541A9648AFAE . 2025984 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$
tkrnlpa.exe
[-] 2008-04-14 . B71A8F101CEFAF82FC5EC16130A54A3F . 2067968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
tkrnlpa.exe
[-] 2005-03-30 . 750F4C5AB34FA215A582068326E2AB11 . 2017280 . . [5.1.2600.2643] . . c:\windows\$NtServicePackUninstall$
tkrnlpa.exe
.
[-] 2008-04-14 02:33 . 037D92B3A7853A183FCAB77FB1D13D6C . 438272 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386
tmssvc.dll
[-] 2008-04-14 02:33 . 037D92B3A7853A183FCAB77FB1D13D6C . 438272 . . [5.1.2400.5512] . . c:\windows\system32
tmssvc.dll
[-] 2004-08-10 12:00 . 3F82A4226289510DF300813B9B87F0E5 . 438272 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$
tmssvc.dll
.
[-] 2008-04-14 . BD8166A495B02308F364B36249475F22 . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . BD8166A495B02308F364B36249475F22 . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-10 . 168AE9938F6BE31D198AF92496CCFA33 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 4BB396EA6CAA50F2208078602549F2F2 . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 4BB396EA6CAA50F2208078602549F2F2 . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-10 . 0AE00CA307264649EE2F5FC1CB1B0F1F . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 7EAEC24B85DD04EDAA04A51CB07DF870 . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 7EAEC24B85DD04EDAA04A51CB07DF870 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-10 . EA9F86E5892D85E282311C53083903DC . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . 75BD925DAB6E5323EDB6D5CFCDEB16D1 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . 75BD925DAB6E5323EDB6D5CFCDEB16D1 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-10 . 20A4E9DA85A1FF521AC5325FC3BADDF9 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 02:33 . 3BA21BD333A1B8B222006E5464D44F49 . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 02:33 . 3BA21BD333A1B8B222006E5464D44F49 . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-10 12:00 . 5860F5A42B67EC8BBB5AA3CE7ABC9976 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 08592889A219F7A60F9865B0EE7CAFF8 . 42496 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 08592889A219F7A60F9865B0EE7CAFF8 . 42496 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-10 . 719682744477D57B30248F4479EE8D0D . 42496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . A71A42AD584FAD1A8D1EC5D807C6E528 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . A71A42AD584FAD1A8D1EC5D807C6E528 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-10 . 8B142E6DAC3BD370637E8AF6E87C2321 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2010-12-09 . 360612511AA332B8D3AB295ACA0192CD . 2194816 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE
toskrnl.exe
[-] 2010-12-09 . 33698C8FAD37228407E62624C334DFE9 . 2194816 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386
toskrnl.exe
[-] 2010-12-09 . 33698C8FAD37228407E62624C334DFE9 . 2194816 . . [5.1.2600.6055] . . c:\windows\system32\dllcache
toskrnl.exe
[-] 2010-12-09 . E8DE6CA43363B663645AE4639F2F41D6 . 2150912 . . [5.1.2600.6055] . . c:\windows\system32
toskrnl.exe
[-] 2010-04-28 . B8A3B91AD2A266B6F53F0606503DEB2E . 2148352 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$
toskrnl.exe
[-] 2010-04-28 . 220EFAF0106119F4A7CA598076EE14E6 . 2192128 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE
toskrnl.exe
[-] 2010-02-16 . 51534F39EEA63F0CD321C248D26514CF . 2148352 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$
toskrnl.exe
[-] 2010-02-16 . 126C8FD13731649A7CD6F0A311CD49B8 . 2192128 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE
toskrnl.exe
[-] 2009-12-10 . 9EC870EAB7D08695E59579C7AAC3B23D . 2191360 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE
toskrnl.exe
[-] 2009-12-09 . 9A1F766DA1B7822AF822F13BE0D7DC8B . 2147328 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$
toskrnl.exe
[-] 2009-02-11 . BEF458B8424553279E95E250D1E0CE7E . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE
toskrnl.exe
[-] 2009-02-09 . 907C6FCD8D5FB812D74C204060911EA6 . 2147328 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB977165-v2$
toskrnl.exe
[-] 2008-04-14 . 099D639DA1EF6968D4E41795BB507E6B . 2191104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386
toskrnl.exe
[-] 2008-04-14 . B10C36956EB7A8B1586DBE3B43875280 . 2147328 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$
toskrnl.exe
[-] 2005-03-30 . BF7946E7E478E5DBA26615406431B141 . 2137600 . . [5.1.2600.2643] . . c:\windows\$NtServicePackUninstall$
toskrnl.exe
.
[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 6ED29124A1C83BD0CF6B26BD01CA6F6F . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-10 . 6469C53F4D16FA6055CCA265BC03DB66 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . C1F726EE0B043B074A68992BC4AEF8FD . 178176 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . C1F726EE0B043B074A68992BC4AEF8FD . 178176 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-10 . FB89C8B1D6A3C260A39669320C5D5827 . 177664 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . D76B0E8A4ECAD1ADCC75FD14A7ACC54C . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . D76B0E8A4ECAD1ADCC75FD14A7ACC54C . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-10 . 52B7EC594152429DABA1261B2B68CA01 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 5D469FE7D63CF5215AF80CFA37BE6897 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 5D469FE7D63CF5215AF80CFA37BE6897 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-10 . 5A9D6D36574FD4BBA06973B772DD7C7D . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . E17BBF14DBE41CAB571BBD244F97C25F . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386asadhlp.dll
[-] 2008-04-14 . E17BBF14DBE41CAB571BBD244F97C25F . 7680 . . [5.1.2600.5512] . . c:\windows\system32asadhlp.dll
[-] 2004-08-10 . DE86B64A569ECB73891BCE6B7D4D078B . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$asadhlp.dll
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-24 01:20	1515688	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-24 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 122880]
"CTHelper"="CTHELPER.EXE" [2006-12-12 19456]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 20480]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"RIMBBLaunchAgent.exe"="c:\program files\Fichiers communs\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-24 887976]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10e.exe" [2010-01-27 256280]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\Messenger\msmsgs.exe"=
"c:\Program Files\UltraVNC\winvnc.exe"=
"c:\Program Files\UltraVNC\vncviewer.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"c:\Program Files\Willing Webcam\wwcam.exe"=
"c:\Program Files\Vidalia Bundle\Tor\tor.exe"=
"c:\Program Files\Java\jre6\bin\java.exe"=
"c:\Program Files\Steam\Steam.exe"=
"c:\Program Files\Google\Google Earth\client\googleearth.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=
"c:\Program Files\Mozilla Firefox\firefox.exe"=
"c:\Program Files\Bonjour\mDNSResponder.exe"=
"c:\Program Files\iTunes\iTunes.exe"=
"f:\Rim.Desktop.exe"=
"c:\Program Files\Steam\steamapps\konascrap\race07 demo\RaceConfig_Steam.exe"=
"c:\Program Files\Steam\steamapps\konascrap\race07 demo\SteamProxy.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800
.
S1 MpKsl0f7b6dcd;MpKsl0f7b6dcd;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl0f7b6dcd.sys [2011-11-15 28752]
S1 MpKsl1cc4b0fd;MpKsl1cc4b0fd;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB8163C8-9DA1-4C56-A6F5-AEC44FA11BC9}\MpKsl1cc4b0fd.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CB8163C8-9DA1-4C56-A6F5-AEC44FA11BC9}\MpKsl1cc4b0fd.sys [?]
S1 MpKsl1dbc7bef;MpKsl1dbc7bef;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41D2E928-F73A-4DD4-98A2-717EBA3C030B}\MpKsl1dbc7bef.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{41D2E928-F73A-4DD4-98A2-717EBA3C030B}\MpKsl1dbc7bef.sys [?]
S1 MpKsl223946f3;MpKsl223946f3;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl223946f3.sys [2011-11-15 28752]
S1 MpKsl2576fec9;MpKsl2576fec9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BE2944CA-EED4-49AE-B0B1-5AACB1C1B403}\MpKsl2576fec9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BE2944CA-EED4-49AE-B0B1-5AACB1C1B403}\MpKsl2576fec9.sys [?]
S1 MpKsl40dc7317;MpKsl40dc7317;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{888F662C-2B30-4EF2-9C97-E17A324EFCB6}\MpKsl40dc7317.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{888F662C-2B30-4EF2-9C97-E17A324EFCB6}\MpKsl40dc7317.sys [?]
S1 MpKsl43523357;MpKsl43523357;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2C685933-28A1-4611-A6E4-D5463D640983}\MpKsl43523357.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2C685933-28A1-4611-A6E4-D5463D640983}\MpKsl43523357.sys [?]
S1 MpKsl4e84cea0;MpKsl4e84cea0;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{71A42568-916D-4AD7-B51B-181BF001C315}\MpKsl4e84cea0.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{71A42568-916D-4AD7-B51B-181BF001C315}\MpKsl4e84cea0.sys [?]
S1 MpKsl5c2783c1;MpKsl5c2783c1;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C5AC9B77-8A65-402F-9E9F-87ED60ADDE66}\MpKsl5c2783c1.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C5AC9B77-8A65-402F-9E9F-87ED60ADDE66}\MpKsl5c2783c1.sys [?]
S1 MpKsl6186b59e;MpKsl6186b59e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F6C5E34-097D-4638-A835-A6379B3F70B6}\MpKsl6186b59e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F6C5E34-097D-4638-A835-A6379B3F70B6}\MpKsl6186b59e.sys [?]
S1 MpKsl7c2244a1;MpKsl7c2244a1;\??\c:\documents an

konascrap · Answer

j'avais oublier de desactiver mes anti-viru et firewall, dois-je en refaire un autre en les désactivants ?

Utilisateur anonyme · Answer

Bonjour

Non;fait ceci:

 Télécharge TDSSKiller 

    *Créez un nouveau dossier sur votre bureau puis décompressez l'archive dedans
    * Lancez le programme en cliquant sur TDSSKiller.exe, l'analyse se fait automatiquement, si l'infection est détectée, des éléments cachés (= hidden) seront alors affichés.


Si TDSS.tdl2 est détecté: l'option delete sera cochée par défaut. 
Si TDSS.tdl3 est détecté: assure toi que Cure est bien cochée. 
Si TDSS.tdl4(\HardDisk0\MBR) est détecté: assure toi que Cure est bien cochée. 
Si Rootkit.Win32.ZAccess.* est détecté : règle sur "cure" en haut , et "delete" en bas 
Si Suspicious file est indiqué, laisse l''option cochée sur Skip 
une fois qu'il a terminé , redémarre s'il te le demande pour finir de nettoyer 

sinon , ferme TDSSKiller et le rapport s'affichera sur le bureau
    
Poste moi son rapport à l'issue; merci

@+

konascrap · Answer

J'ai eu 4 '' threats '' de trouvé, les quatres sont des '' UNsigned File,  '' Suspicious Object, Medium risk et les quatres sont coché par défault sur skip. 

??

konascrap · Answer

J'ai du cocher les 2 additional partie de systeme de plus a vérifier car la premiere fois sans changer les parametres, j'ai eu 0 résultat, il n'y a rien eu de detecter.

konascrap · Answer

Voila le rapport, je l'ai trouver. 

: 

12:48:30.0625 1984	TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
12:48:31.0375 1984	============================================================
12:48:31.0375 1984	Current date / time: 2011/11/19 12:48:31.0375
12:48:31.0375 1984	SystemInfo:
12:48:31.0375 1984	
12:48:31.0375 1984	OS Version: 5.1.2600 ServicePack: 3.0
12:48:31.0375 1984	Product type: Workstation
12:48:31.0375 1984	ComputerName: MAISON-5DF545D4
12:48:31.0375 1984	UserName: Administrateur
12:48:31.0375 1984	Windows directory: C:\WINDOWS
12:48:31.0375 1984	System windows directory: C:\WINDOWS
12:48:31.0375 1984	Processor architecture: Intel x86
12:48:31.0375 1984	Number of processors: 2
12:48:31.0375 1984	Page size: 0x1000
12:48:31.0375 1984	Boot type: Safe boot with network
12:48:31.0375 1984	============================================================
12:48:31.0609 1984	Initialize success
12:48:34.0546 0216	============================================================
12:48:34.0546 0216	Scan started
12:48:34.0546 0216	Mode: Manual; 
12:48:34.0546 0216	============================================================
12:48:35.0546 0216	Abiosdsk - ok
12:48:35.0578 0216	abp480n5 - ok
12:48:35.0625 0216	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:48:35.0625 0216	ACPI - ok
12:48:35.0656 0216	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:48:35.0656 0216	ACPIEC - ok
12:48:35.0656 0216	adpu160m - ok
12:48:35.0703 0216	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:48:35.0703 0216	aec - ok
12:48:35.0734 0216	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:48:35.0734 0216	AFD - ok
12:48:35.0750 0216	Aha154x - ok
12:48:35.0765 0216	aic78u2 - ok
12:48:35.0781 0216	aic78xx - ok
12:48:35.0812 0216	AliIde - ok
12:48:35.0828 0216	amsint - ok
12:48:35.0859 0216	asc - ok
12:48:35.0875 0216	asc3350p - ok
12:48:35.0890 0216	asc3550 - ok
12:48:35.0953 0216	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:48:35.0953 0216	AsyncMac - ok
12:48:35.0968 0216	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\drivers\atapi.sys
12:48:35.0968 0216	atapi - ok
12:48:35.0984 0216	Atdisk - ok
12:48:36.0062 0216	ati2mtag        (f5fc6ac1e7bc776871361d463fc86be2) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:48:36.0062 0216	ati2mtag - ok
12:48:36.0093 0216	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:48:36.0093 0216	Atmarpc - ok
12:48:36.0125 0216	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:48:36.0125 0216	audstub - ok
12:48:36.0156 0216	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:48:36.0156 0216	Beep - ok
12:48:36.0234 0216	catchme - ok
12:48:36.0281 0216	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:48:36.0281 0216	cbidf2k - ok
12:48:36.0281 0216	cd20xrnt - ok
12:48:36.0296 0216	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:48:36.0296 0216	Cdaudio - ok
12:48:36.0343 0216	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:48:36.0343 0216	Cdfs - ok
12:48:36.0343 0216	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:48:36.0343 0216	Cdrom - ok
12:48:36.0375 0216	cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
12:48:36.0375 0216	cercsr6 - ok
12:48:36.0390 0216	Changer - ok
12:48:36.0437 0216	CmdIde - ok
12:48:36.0484 0216	Cpqarray - ok
12:48:36.0531 0216	ctac32k         (177bc4ee3840119a780eafad5a010f8f) C:\WINDOWS\system32\drivers\ctac32k.sys
12:48:36.0531 0216	ctac32k - ok
12:48:36.0562 0216	ctaud2k         (eb0c0d62d8d2b8f41da149c866e93397) C:\WINDOWS\system32\drivers\ctaud2k.sys
12:48:36.0562 0216	ctaud2k - ok
12:48:36.0593 0216	ctdvda2k        (5a0eeb00b02fc78605aa9d3590b24978) C:\WINDOWS\system32\drivers\ctdvda2k.sys
12:48:36.0593 0216	ctdvda2k - ok
12:48:36.0625 0216	ctprxy2k        (7d7eea7ffbc19e1b712d241490be51ed) C:\WINDOWS\system32\drivers\ctprxy2k.sys
12:48:36.0625 0216	ctprxy2k - ok
12:48:36.0640 0216	ctsfm2k         (538122d33dd4b04cc189d5ca72bd6706) C:\WINDOWS\system32\drivers\ctsfm2k.sys
12:48:36.0640 0216	ctsfm2k - ok
12:48:36.0640 0216	dac2w2k - ok
12:48:36.0671 0216	dac960nt - ok
12:48:36.0718 0216	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:48:36.0718 0216	Disk - ok
12:48:36.0750 0216	dmboot          (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
12:48:36.0750 0216	dmboot - ok
12:48:36.0765 0216	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
12:48:36.0765 0216	dmio - ok
12:48:36.0781 0216	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:48:36.0781 0216	dmload - ok
12:48:36.0812 0216	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:48:36.0812 0216	DMusic - ok
12:48:36.0843 0216	dpti2o - ok
12:48:36.0875 0216	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:48:36.0875 0216	drmkaud - ok
12:48:36.0906 0216	e1express       (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:48:36.0906 0216	e1express - ok
12:48:36.0968 0216	emu10k          (01f83e1b5dce05f5cb7d99113ca9e890) C:\WINDOWS\system32\drivers\emu10k1m.sys
12:48:36.0984 0216	emu10k - ok
12:48:37.0000 0216	emu10k1         (7ffa171cce6a8bfc774862a578ba39a2) C:\WINDOWS\system32\drivers\ctlfacem.sys
12:48:37.0000 0216	emu10k1 - ok
12:48:37.0031 0216	emupia          (8e0eb62be9f9bee7c2e4c50685038e8d) C:\WINDOWS\system32\drivers\emupia2k.sys
12:48:37.0031 0216	emupia - ok
12:48:37.0078 0216	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:48:37.0078 0216	Fastfat - ok
12:48:37.0093 0216	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:48:37.0093 0216	Fdc - ok
12:48:37.0109 0216	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
12:48:37.0125 0216	Fips - ok
12:48:37.0156 0216	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:48:37.0156 0216	Flpydisk - ok
12:48:37.0171 0216	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:48:37.0171 0216	FltMgr - ok
12:48:37.0203 0216	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:48:37.0203 0216	Fs_Rec - ok
12:48:37.0218 0216	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:48:37.0218 0216	Ftdisk - ok
12:48:37.0250 0216	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:48:37.0250 0216	GEARAspiWDM - ok
12:48:37.0265 0216	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:48:37.0265 0216	Gpc - ok
12:48:37.0281 0216	grmnusb         (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
12:48:37.0281 0216	grmnusb - ok
12:48:37.0359 0216	ha20x2k         (f2607d0d89f57d3564cf65a61a237f1a) C:\WINDOWS\system32\drivers\ha20x2k.sys
12:48:37.0359 0216	ha20x2k - ok
12:48:37.0390 0216	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:48:37.0390 0216	hidusb - ok
12:48:37.0406 0216	hpn - ok
12:48:37.0484 0216	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:48:37.0484 0216	HPZid412 - ok
12:48:37.0515 0216	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:48:37.0515 0216	HPZipr12 - ok
12:48:37.0531 0216	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:48:37.0531 0216	HPZius12 - ok
12:48:37.0578 0216	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:48:37.0578 0216	HTTP - ok
12:48:37.0593 0216	i2omgmt - ok
12:48:37.0609 0216	i2omp - ok
12:48:37.0671 0216	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\drivers\i8042prt.sys
12:48:37.0671 0216	i8042prt - ok
12:48:37.0703 0216	iastor          (294110966cedd127629c5be48367c8cf) C:\WINDOWS\system32\DRIVERS\iaStor.sys
12:48:37.0718 0216	iastor - ok
12:48:37.0750 0216	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:48:37.0750 0216	Imapi - ok
12:48:37.0781 0216	ini910u - ok
12:48:37.0812 0216	IntelIde - ok
12:48:37.0828 0216	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:48:37.0828 0216	intelppm - ok
12:48:37.0843 0216	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:48:37.0843 0216	Ip6Fw - ok
12:48:37.0859 0216	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:48:37.0859 0216	IpFilterDriver - ok
12:48:37.0890 0216	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:48:37.0890 0216	IpInIp - ok
12:48:37.0906 0216	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:48:37.0906 0216	IpNat - ok
12:48:37.0921 0216	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:48:37.0937 0216	IPSec - ok
12:48:37.0968 0216	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:48:37.0968 0216	IRENUM - ok
12:48:38.0000 0216	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:48:38.0000 0216	isapnp - ok
12:48:38.0015 0216	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:48:38.0015 0216	Kbdclass - ok
12:48:38.0031 0216	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:48:38.0031 0216	kbdhid - ok
12:48:38.0078 0216	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:48:38.0078 0216	kmixer - ok
12:48:38.0093 0216	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:48:38.0093 0216	KSecDD - ok
12:48:38.0125 0216	lbrtfdc - ok
12:48:38.0203 0216	MHNDRV          (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
12:48:38.0203 0216	MHNDRV - ok
12:48:38.0234 0216	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:48:38.0234 0216	mnmdd - ok
12:48:38.0250 0216	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
12:48:38.0265 0216	Modem - ok
12:48:38.0281 0216	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:48:38.0281 0216	Mouclass - ok
12:48:38.0296 0216	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:48:38.0296 0216	mouhid - ok
12:48:38.0312 0216	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:48:38.0312 0216	MountMgr - ok
12:48:38.0343 0216	MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
12:48:38.0343 0216	MpFilter - ok
12:48:38.0421 0216	MpKsl0f7b6dcd   (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl0f7b6dcd.sys
12:48:38.0421 0216	MpKsl0f7b6dcd - ok
12:48:38.0437 0216	MpKsl1cc4b0fd - ok
12:48:38.0453 0216	MpKsl1dbc7bef - ok
12:48:38.0500 0216	MpKsl223946f3   (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl223946f3.sys
12:48:38.0500 0216	MpKsl223946f3 - ok
12:48:38.0515 0216	MpKsl2576fec9 - ok
12:48:38.0531 0216	MpKsl40dc7317 - ok
12:48:38.0546 0216	MpKsl43523357 - ok
12:48:38.0562 0216	MpKsl4e84cea0 - ok
12:48:38.0578 0216	MpKsl5c2783c1 - ok
12:48:38.0593 0216	MpKsl6186b59e - ok
12:48:38.0609 0216	MpKsl7c2244a1 - ok
12:48:38.0625 0216	MpKsl8445135f - ok
12:48:38.0640 0216	MpKsl9dbe7829 - ok
12:48:38.0656 0216	MpKsla4bca3e3 - ok
12:48:38.0671 0216	MpKsld16705b3 - ok
12:48:38.0687 0216	MpKsle1092d7b - ok
12:48:38.0703 0216	MpKslefc8fcc8 - ok
12:48:38.0718 0216	MpKslf6b0c3c6 - ok
12:48:38.0734 0216	MpKslfc276da1 - ok
12:48:38.0750 0216	MpKslfffec3a9 - ok
12:48:38.0828 0216	mraid35x - ok
12:48:38.0875 0216	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:48:38.0875 0216	MRxDAV - ok
12:48:38.0890 0216	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:48:38.0890 0216	MRxSmb - ok
12:48:38.0937 0216	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:48:38.0937 0216	Msfs - ok
12:48:38.0968 0216	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:48:38.0968 0216	MSKSSRV - ok
12:48:38.0984 0216	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:48:38.0984 0216	MSPCLOCK - ok
12:48:39.0000 0216	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:48:39.0000 0216	MSPQM - ok
12:48:39.0046 0216	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:48:39.0046 0216	mssmbios - ok
12:48:39.0062 0216	mturkqiw - ok
12:48:39.0093 0216	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:48:39.0093 0216	Mup - ok
12:48:39.0125 0216	mv2             (a0f0b16316276017e682410b5612a707) C:\WINDOWS\system32\DRIVERS\mv2.sys
12:48:39.0125 0216	mv2 - ok
12:48:39.0140 0216	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:48:39.0156 0216	NDIS - ok
12:48:39.0171 0216	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
12:48:39.0171 0216	NdisTapi - ok
12:48:39.0203 0216	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
12:48:39.0203 0216	Ndisuio - ok
12:48:39.0218 0216	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
12:48:39.0218 0216	NdisWan - ok
12:48:39.0250 0216	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:48:39.0250 0216	NDProxy - ok
12:48:39.0265 0216	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
12:48:39.0265 0216	NetBIOS - ok
12:48:39.0296 0216	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
12:48:39.0296 0216	NetBT - ok
12:48:39.0375 0216	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:48:39.0375 0216	Npfs - ok
12:48:39.0406 0216	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:48:39.0406 0216	Ntfs - ok
12:48:39.0468 0216	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:48:39.0468 0216	Null - ok
12:48:39.0500 0216	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
12:48:39.0500 0216	NwlnkFlt - ok
12:48:39.0500 0216	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
12:48:39.0515 0216	NwlnkFwd - ok
12:48:39.0531 0216	ossrv           (611b58c2fd89aa9e80743a197ba62277) C:\WINDOWS\system32\drivers\ctoss2k.sys
12:48:39.0546 0216	ossrv - ok
12:48:39.0562 0216	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
12:48:39.0562 0216	Parport - ok
12:48:39.0578 0216	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:48:39.0578 0216	PartMgr - ok
12:48:39.0609 0216	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
12:48:39.0609 0216	ParVdm - ok
12:48:39.0609 0216	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
12:48:39.0609 0216	PCI - ok
12:48:39.0625 0216	PCIDump - ok
12:48:39.0671 0216	PCIIde - ok
12:48:39.0718 0216	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:48:39.0718 0216	Pcmcia - ok
12:48:39.0734 0216	PDCOMP - ok
12:48:39.0750 0216	PDFRAME - ok
12:48:39.0765 0216	PDRELI - ok
12:48:39.0781 0216	PDRFRAME - ok
12:48:39.0812 0216	perc2 - ok
12:48:39.0828 0216	perc2hib - ok
12:48:39.0906 0216	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
12:48:39.0906 0216	PptpMiniport - ok
12:48:39.0937 0216	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:48:39.0937 0216	PSched - ok
12:48:39.0968 0216	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:48:39.0968 0216	Ptilink - ok
12:48:40.0000 0216	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:48:40.0015 0216	PxHelp20 - ok
12:48:40.0015 0216	ql1080 - ok
12:48:40.0031 0216	Ql10wnt - ok
12:48:40.0046 0216	ql12160 - ok
12:48:40.0078 0216	ql1240 - ok
12:48:40.0093 0216	ql1280 - ok
12:48:40.0109 0216	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
12:48:40.0125 0216	RasAcd - ok
12:48:40.0156 0216	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
12:48:40.0156 0216	Rasl2tp - ok
12:48:40.0171 0216	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
12:48:40.0171 0216	RasPppoe - ok
12:48:40.0187 0216	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
12:48:40.0187 0216	Raspti - ok
12:48:40.0218 0216	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
12:48:40.0218 0216	Rdbss - ok
12:48:40.0234 0216	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:48:40.0234 0216	RDPCDD - ok
12:48:40.0265 0216	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERSdpdr.sys
12:48:40.0265 0216	rdpdr - ok
12:48:40.0296 0216	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:48:40.0296 0216	RDPWD - ok
12:48:40.0328 0216	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
12:48:40.0328 0216	redbook - ok
12:48:40.0375 0216	RimUsb          (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINDOWS\system32\Drivers\RimUsb.sys
12:48:40.0375 0216	RimUsb - ok
12:48:40.0390 0216	RimVSerPort     (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
12:48:40.0390 0216	RimVSerPort - ok
12:48:40.0421 0216	ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
12:48:40.0437 0216	ROOTMODEM - ok
12:48:40.0515 0216	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:48:40.0515 0216	Secdrv - ok
12:48:40.0546 0216	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
12:48:40.0546 0216	Serial - ok
12:48:40.0609 0216	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:48:40.0609 0216	Sfloppy - ok
12:48:40.0640 0216	sfman           (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
12:48:40.0640 0216	sfman - ok
12:48:40.0656 0216	Simbad - ok
12:48:40.0687 0216	Sparrow - ok
12:48:40.0718 0216	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:48:40.0718 0216	splitter - ok
12:48:40.0734 0216	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
12:48:40.0734 0216	sr - ok
12:48:40.0781 0216	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:48:40.0781 0216	Srv - ok
12:48:40.0812 0216	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:48:40.0812 0216	swenum - ok
12:48:40.0828 0216	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:48:40.0828 0216	swmidi - ok
12:48:40.0859 0216	symc810 - ok
12:48:40.0875 0216	symc8xx - ok
12:48:40.0890 0216	sym_hi - ok
12:48:40.0906 0216	sym_u3 - ok
12:48:40.0937 0216	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:48:40.0937 0216	sysaudio - ok
12:48:40.0984 0216	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
12:48:41.0000 0216	Tcpip - ok
12:48:41.0015 0216	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:48:41.0015 0216	TDPIPE - ok
12:48:41.0031 0216	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:48:41.0031 0216	TDTCP - ok
12:48:41.0046 0216	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
12:48:41.0046 0216	TermDD - ok
12:48:41.0093 0216	TIEHDUSB        (a1124ebc672aa3ae1b327096c1dcc346) C:\WINDOWS\system32\drivers	iehdusb.sys
12:48:41.0093 0216	TIEHDUSB - ok
12:48:41.0109 0216	TosIde - ok
12:48:41.0156 0216	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:48:41.0156 0216	Udfs - ok
12:48:41.0156 0216	ultra - ok
12:48:41.0203 0216	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:48:41.0218 0216	Update - ok
12:48:41.0265 0216	USBAAPL         (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:48:41.0265 0216	USBAAPL - ok
12:48:41.0281 0216	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:48:41.0281 0216	usbccgp - ok
12:48:41.0312 0216	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:48:41.0312 0216	usbehci - ok
12:48:41.0328 0216	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:48:41.0328 0216	usbhub - ok
12:48:41.0359 0216	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:48:41.0359 0216	usbprint - ok
12:48:41.0375 0216	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:48:41.0375 0216	usbscan - ok
12:48:41.0406 0216	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:48:41.0406 0216	USBSTOR - ok
12:48:41.0421 0216	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:48:41.0421 0216	usbuhci - ok
12:48:41.0453 0216	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:48:41.0453 0216	VgaSave - ok
12:48:41.0468 0216	ViaIde - ok
12:48:41.0484 0216	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
12:48:41.0484 0216	VolSnap - ok
12:48:41.0546 0216	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:48:41.0546 0216	Wanarp - ok
12:48:41.0593 0216	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
12:48:41.0593 0216	Wdf01000 - ok
12:48:41.0593 0216	WDICA - ok
12:48:41.0640 0216	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:48:41.0640 0216	wdmaud - ok
12:48:41.0750 0216	WpdUsb          (ef8848d2a558affe99cf264180e499ac) C:\WINDOWS\system32\Drivers\wpdusb.sys
12:48:41.0750 0216	WpdUsb - ok
12:48:41.0828 0216	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:48:41.0906 0216	\Device\Harddisk0\DR0 - ok
12:48:41.0921 0216	Boot (0x1200)   (2171129f77a78109c3f69920a79dfcdd) \Device\Harddisk0\DR0\Partition0
12:48:41.0921 0216	\Device\Harddisk0\DR0\Partition0 - ok
12:48:41.0953 0216	Boot (0x1200)   (38497a7bc41db3472c5f5443f680fd29) \Device\Harddisk0\DR0\Partition1
12:48:41.0953 0216	\Device\Harddisk0\DR0\Partition1 - ok
12:48:41.0953 0216	============================================================
12:48:41.0953 0216	Scan finished
12:48:41.0953 0216	============================================================
12:48:41.0984 1504	Detected object count: 0
12:48:41.0984 1504	Actual detected object count: 0
12:48:47.0609 1108	============================================================
12:48:47.0609 1108	Scan started
12:48:47.0609 1108	Mode: Manual; SigCheck; TDLFS; 
12:48:47.0609 1108	============================================================
12:48:47.0781 1108	Abiosdsk - ok
12:48:47.0796 1108	abp480n5 - ok
12:48:47.0843 1108	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:48:48.0093 1108	ACPI - ok
12:48:48.0140 1108	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:48:48.0234 1108	ACPIEC - ok
12:48:48.0250 1108	adpu160m - ok
12:48:48.0296 1108	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:48:48.0375 1108	aec - ok
12:48:48.0421 1108	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:48:48.0437 1108	AFD - ok
12:48:48.0437 1108	Aha154x - ok
12:48:48.0468 1108	aic78u2 - ok
12:48:48.0515 1108	aic78xx - ok
12:48:48.0546 1108	AliIde - ok
12:48:48.0578 1108	amsint - ok
12:48:48.0578 1108	asc - ok
12:48:48.0593 1108	asc3350p - ok
12:48:48.0593 1108	asc3550 - ok
12:48:48.0656 1108	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:48:48.0734 1108	AsyncMac - ok
12:48:48.0750 1108	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\drivers\atapi.sys
12:48:48.0828 1108	atapi - ok
12:48:48.0843 1108	Atdisk - ok
12:48:48.0921 1108	ati2mtag        (f5fc6ac1e7bc776871361d463fc86be2) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:48:49.0000 1108	ati2mtag - ok
12:48:49.0046 1108	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:48:49.0125 1108	Atmarpc - ok
12:48:49.0187 1108	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:48:49.0281 1108	audstub - ok
12:48:49.0296 1108	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:48:49.0390 1108	Beep - ok
12:48:49.0453 1108	catchme - ok
12:48:49.0468 1108	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:48:49.0546 1108	cbidf2k - ok
12:48:49.0562 1108	cd20xrnt - ok
12:48:49.0562 1108	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:48:49.0640 1108	Cdaudio - ok
12:48:49.0671 1108	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:48:49.0750 1108	Cdfs - ok
12:48:49.0765 1108	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:48:49.0859 1108	Cdrom - ok
12:48:49.0906 1108	cercsr6         (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
12:48:49.0937 1108	cercsr6 ( UnsignedFile.Multi.Generic ) - warning
12:48:49.0937 1108	cercsr6 - detected UnsignedFile.Multi.Generic (1)
12:48:49.0937 1108	Changer - ok
12:48:49.0953 1108	CmdIde - ok
12:48:49.0968 1108	Cpqarray - ok
12:48:50.0015 1108	ctac32k         (177bc4ee3840119a780eafad5a010f8f) C:\WINDOWS\system32\drivers\ctac32k.sys
12:48:50.0046 1108	ctac32k - ok
12:48:50.0078 1108	ctaud2k         (eb0c0d62d8d2b8f41da149c866e93397) C:\WINDOWS\system32\drivers\ctaud2k.sys
12:48:50.0109 1108	ctaud2k - ok
12:48:50.0140 1108	ctdvda2k        (5a0eeb00b02fc78605aa9d3590b24978) C:\WINDOWS\system32\drivers\ctdvda2k.sys
12:48:50.0156 1108	ctdvda2k ( UnsignedFile.Multi.Generic ) - warning
12:48:50.0156 1108	ctdvda2k - detected UnsignedFile.Multi.Generic (1)
12:48:50.0171 1108	ctprxy2k        (7d7eea7ffbc19e1b712d241490be51ed) C:\WINDOWS\system32\drivers\ctprxy2k.sys
12:48:50.0187 1108	ctprxy2k - ok
12:48:50.0203 1108	ctsfm2k         (538122d33dd4b04cc189d5ca72bd6706) C:\WINDOWS\system32\drivers\ctsfm2k.sys
12:48:50.0203 1108	ctsfm2k - ok
12:48:50.0218 1108	dac2w2k - ok
12:48:50.0218 1108	dac960nt - ok
12:48:50.0281 1108	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:48:50.0343 1108	Disk - ok
12:48:50.0375 1108	dmboot          (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
12:48:50.0484 1108	dmboot - ok
12:48:50.0640 1108	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
12:48:50.0734 1108	dmio - ok
12:48:50.0750 1108	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:48:50.0843 1108	dmload - ok
12:48:50.0875 1108	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:48:50.0953 1108	DMusic - ok
12:48:50.0968 1108	dpti2o - ok
12:48:50.0968 1108	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:48:51.0062 1108	drmkaud - ok
12:48:51.0093 1108	e1express       (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:48:51.0125 1108	e1express - ok
12:48:51.0156 1108	emu10k          (01f83e1b5dce05f5cb7d99113ca9e890) C:\WINDOWS\system32\drivers\emu10k1m.sys
12:48:51.0234 1108	emu10k - ok
12:48:51.0250 1108	emu10k1         (7ffa171cce6a8bfc774862a578ba39a2) C:\WINDOWS\system32\drivers\ctlfacem.sys
12:48:51.0359 1108	emu10k1 - ok
12:48:51.0390 1108	emupia          (8e0eb62be9f9bee7c2e4c50685038e8d) C:\WINDOWS\system32\drivers\emupia2k.sys
12:48:51.0390 1108	emupia - ok
12:48:51.0437 1108	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:48:51.0531 1108	Fastfat - ok
12:48:51.0531 1108	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:48:51.0609 1108	Fdc - ok
12:48:51.0625 1108	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
12:48:51.0703 1108	Fips - ok
12:48:51.0718 1108	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:48:51.0796 1108	Flpydisk - ok
12:48:51.0828 1108	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:48:51.0921 1108	FltMgr - ok
12:48:51.0937 1108	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:48:52.0015 1108	Fs_Rec - ok
12:48:52.0015 1108	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:48:52.0109 1108	Ftdisk - ok
12:48:52.0125 1108	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:48:52.0140 1108	GEARAspiWDM - ok
12:48:52.0156 1108	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:48:52.0234 1108	Gpc - ok
12:48:52.0250 1108	grmnusb         (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
12:48:52.0265 1108	grmnusb - ok
12:48:52.0312 1108	ha20x2k         (f2607d0d89f57d3564cf65a61a237f1a) C:\WINDOWS\system32\drivers\ha20x2k.sys
12:48:52.0343 1108	ha20x2k - ok
12:48:52.0375 1108	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:48:52.0453 1108	hidusb - ok
12:48:52.0468 1108	hpn - ok
12:48:52.0484 1108	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:48:52.0500 1108	HPZid412 - ok
12:48:52.0531 1108	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:48:52.0562 1108	HPZipr12 - ok
12:48:52.0578 1108	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:48:52.0593 1108	HPZius12 - ok
12:48:52.0625 1108	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:48:52.0640 1108	HTTP - ok
12:48:52.0687 1108	i2omgmt - ok
12:48:52.0687 1108	i2omp - ok
12:48:52.0718 1108	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\drivers\i8042prt.sys
12:48:52.0812 1108	i8042prt - ok
12:48:52.0843 1108	iastor          (294110966cedd127629c5be48367c8cf) C:\WINDOWS\system32\DRIVERS\iaStor.sys
12:48:52.0859 1108	iastor - ok
12:48:52.0890 1108	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:48:52.0968 1108	Imapi - ok
12:48:52.0984 1108	ini910u - ok
12:48:52.0984 1108	IntelIde - ok
12:48:53.0000 1108	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:48:53.0093 1108	intelppm - ok
12:48:53.0109 1108	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:48:53.0187 1108	Ip6Fw - ok
12:48:53.0218 1108	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:48:53.0296 1108	IpFilterDriver - ok
12:48:53.0328 1108	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:48:53.0421 1108	IpInIp - ok
12:48:53.0437 1108	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:48:53.0531 1108	IpNat - ok
12:48:53.0546 1108	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:48:53.0625 1108	IPSec - ok
12:48:53.0640 1108	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:48:53.0718 1108	IRENUM - ok
12:48:53.0734 1108	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:48:53.0828 1108	isapnp - ok
12:48:53.0843 1108	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:48:53.0937 1108	Kbdclass - ok
12:48:53.0937 1108	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:48:54.0015 1108	kbdhid - ok
12:48:54.0046 1108	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:48:54.0125 1108	kmixer - ok
12:48:54.0156 1108	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:48:54.0171 1108	KSecDD - ok
12:48:54.0187 1108	lbrtfdc - ok
12:48:54.0218 1108	MHNDRV          (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
12:48:54.0218 1108	MHNDRV ( UnsignedFile.Multi.Generic ) - warning
12:48:54.0218 1108	MHNDRV - detected UnsignedFile.Multi.Generic (1)
12:48:54.0234 1108	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:48:54.0312 1108	mnmdd - ok
12:48:54.0328 1108	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
12:48:54.0421 1108	Modem - ok
12:48:54.0437 1108	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:48:54.0515 1108	Mouclass - ok
12:48:54.0531 1108	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:48:54.0609 1108	mouhid - ok
12:48:54.0656 1108	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:48:54.0765 1108	MountMgr - ok
12:48:54.0796 1108	MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
12:48:54.0812 1108	MpFilter - ok
12:48:54.0921 1108	MpKsl0f7b6dcd   (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl0f7b6dcd.sys
12:48:54.0921 1108	MpKsl0f7b6dcd - ok
12:48:54.0937 1108	MpKsl1cc4b0fd - ok
12:48:54.0968 1108	MpKsl1dbc7bef - ok
12:48:55.0000 1108	MpKsl223946f3   (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66FFB3FB-D77C-4A09-B6AF-5C244FA22EA9}\MpKsl223946f3.sys
12:48:55.0000 1108	MpKsl223946f3 - ok
12:48:55.0015 1108	MpKsl2576fec9 - ok
12:48:55.0015 1108	MpKsl40dc7317 - ok
12:48:55.0031 1108	MpKsl43523357 - ok
12:48:55.0031 1108	MpKsl4e84cea0 - ok
12:48:55.0031 1108	MpKsl5c2783c1 - ok
12:48:55.0031 1108	MpKsl6186b59e - ok
12:48:55.0046 1108	MpKsl7c2244a1 - ok
12:48:55.0078 1108	MpKsl8445135f - ok
12:48:55.0078 1108	MpKsl9dbe7829 - ok
12:48:55.0109 1108	MpKsla4bca3e3 - ok
12:48:55.0109 1108	MpKsld16705b3 - ok
12:48:55.0109 1108	MpKsle1092d7b - ok
12:48:55.0140 1108	MpKslefc8fcc8 - ok
12:48:55.0140 1108	MpKslf6b0c3c6 - ok
12:48:55.0171 1108	MpKslfc276da1 - ok
12:48:55.0171 1108	MpKslfffec3a9 - ok
12:48:55.0171 1108	mraid35x - ok
12:48:55.0203 1108	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:48:55.0296 1108	MRxDAV - ok
12:48:55.0312 1108	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:48:55.0328 1108	MRxSmb - ok
12:48:55.0343 1108	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:48:55.0437 1108	Msfs - ok
12:48:55.0468 1108	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:48:55.0546 1108	MSKSSRV - ok
12:48:55.0609 1108	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:48:55.0703 1108	MSPCLOCK - ok
12:48:55.0750 1108	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:48:55.0828 1108	MSPQM - ok
12:48:55.0859 1108	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:48:55.0937 1108	mssmbios - ok
12:48:55.0953 1108	mturkqiw - ok
12:48:55.0968 1108	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
12:48:55.0984 1108	Mup - ok
12:48:56.0015 1108	mv2             (a0f0b16316276017e682410b5612a707) C:\WINDOWS\system32\DRIVERS\mv2.sys
12:48:56.0015 1108	mv2 - ok
12:48:56.0031 1108	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
12:48:56.0125 1108	NDIS - ok
12:48:56.0140 1108	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
12:48:56.0156 1108	NdisTapi - ok
12:48:56.0218 1108	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
12:48:56.0312 1108	Ndisuio - ok
12:48:56.0328 1108	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
12:48:56.0406 1108	NdisWan - ok
12:48:56.0421 1108	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
12:48:56.0453 1108	NDProxy - ok
12:48:56.0484 1108	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
12:48:56.0546 1108	NetBIOS - ok
12:48:56.0562 1108	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
12:48:56.0656 1108	NetBT - ok
12:48:56.0671 1108	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
12:48:56.0750 1108	Npfs - ok
12:48:56.0765 1108	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:48:56.0859 1108	Ntfs - ok
12:48:56.0921 1108	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:48:57.0015 1108	Null - ok
12:48:57.0046 1108	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
12:48:57.0140 1108	NwlnkFlt - ok
12:48:57.0156 1108	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
12:48:57.0218 1108	NwlnkFwd - ok
12:48:57.0265 1108	ossrv           (611b58c2fd89aa9e80743a197ba62277) C:\WINDOWS\system32\drivers\ctoss2k.sys
12:48:57.0265 1108	ossrv - ok
12:48:57.0296 1108	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
12:48:57.0390 1108	Parport - ok
12:48:57.0406 1108	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:48:57.0500 1108	PartMgr - ok
12:48:57.0515 1108	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
12:48:57.0593 1108	ParVdm - ok
12:48:57.0593 1108	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
12:48:57.0687 1108	PCI - ok
12:48:57.0703 1108	PCIDump - ok
12:48:57.0703 1108	PCIIde - ok
12:48:57.0718 1108	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:48:57.0812 1108	Pcmcia - ok
12:48:57.0828 1108	PDCOMP - ok
12:48:57.0828 1108	PDFRAME - ok
12:48:57.0828 1108	PDRELI - ok
12:48:57.0843 1108	PDRFRAME - ok
12:48:57.0843 1108	perc2 - ok
12:48:57.0859 1108	perc2hib - ok
12:48:57.0906 1108	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
12:48:58.0000 1108	PptpMiniport - ok
12:48:58.0000 1108	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:48:58.0078 1108	PSched - ok
12:48:58.0093 1108	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:48:58.0171 1108	Ptilink - ok
12:48:58.0203 1108	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:48:58.0218 1108	PxHelp20 - ok
12:48:58.0218 1108	ql1080 - ok
12:48:58.0234 1108	Ql10wnt - ok
12:48:58.0234 1108	ql12160 - ok
12:48:58.0234 1108	ql1240 - ok
12:48:58.0250 1108	ql1280 - ok
12:48:58.0250 1108	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
12:48:58.0343 1108	RasAcd - ok
12:48:58.0375 1108	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
12:48:58.0468 1108	Rasl2tp - ok
12:48:58.0484 1108	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
12:48:58.0578 1108	RasPppoe - ok
12:48:58.0593 1108	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
12:48:58.0671 1108	Raspti - ok
12:48:58.0703 1108	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
12:48:58.0781 1108	Rdbss - ok
12:48:58.0812 1108	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:48:58.0906 1108	RDPCDD - ok
12:48:58.0937 1108	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERSdpdr.sys
12:48:59.0031 1108	rdpdr - ok
12:48:59.0062 1108	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:48:59.0078 1108	RDPWD - ok
12:48:59.0093 1108	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
12:48:59.0187 1108	redbook - ok
12:48:59.0218 1108	RimUsb          (616eac1b0e48b236a5a9b8ae07fdb81c) C:\WINDOWS\system32\Drivers\RimUsb.sys
12:48:59.0234 1108	RimUsb - ok
12:48:59.0265 1108	RimVSerPort     (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
12:48:59.0281 1108	RimVSerPort - ok
12:48:59.0312 1108	ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
12:48:59.0406 1108	ROOTMODEM - ok
12:48:59.0453 1108	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:48:59.0531 1108	Secdrv - ok
12:48:59.0546 1108	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
12:48:59.0640 1108	Serial - ok
12:48:59.0671 1108	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:48:59.0734 1108	Sfloppy - ok
12:48:59.0765 1108	sfman           (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
12:48:59.0843 1108	sfman - ok
12:48:59.0859 1108	Simbad - ok
12:48:59.0890 1108	Sparrow - ok
12:48:59.0921 1108	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:49:00.0000 1108	splitter - ok
12:49:00.0031 1108	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
12:49:00.0125 1108	sr - ok
12:49:00.0312 1108	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:49:00.0312 1108	Srv - ok
12:49:00.0437 1108	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:49:00.0500 1108	swenum - ok
12:49:00.0687 1108	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:49:00.0796 1108	swmidi - ok
12:49:00.0812 1108	symc810 - ok
12:49:00.0828 1108	symc8xx - ok
12:49:00.0859 1108	sym_hi - ok
12:49:00.0859 1108	sym_u3 - ok
12:49:00.0921 1108	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:49:01.0000 1108	sysaudio - ok
12:49:01.0078 1108	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
12:49:01.0093 1108	Tcpip - ok
12:49:01.0109 1108	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:49:01.0187 1108	TDPIPE - ok
12:49:01.0218 1108	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:49:01.0296 1108	TDTCP - ok
12:49:01.0328 1108	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
12:49:01.0421 1108	TermDD - ok
12:49:01.0437 1108	TIEHDUSB        (a1124ebc672aa3ae1b327096c1dcc346) C:\WINDOWS\system32\drivers	iehdusb.sys
12:49:01.0437 1108	TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
12:49:01.0437 1108	TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
12:49:01.0453 1108	TosIde - ok
12:49:01.0468 1108	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:49:01.0546 1108	Udfs - ok
12:49:01.0546 1108	ultra - ok
12:49:01.0593 1108	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:49:01.0671 1108	Update - ok
12:49:01.0703 1108	USBAAPL         (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:49:01.0718 1108	USBAAPL - ok
12:49:01.0750 1108	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:49:01.0828 1108	usbccgp - ok
12:49:01.0890 1108	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:49:01.0984 1108	usbehci - ok
12:49:02.0000 1108	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:49:02.0078 1108	usbhub - ok
12:49:02.0109 1108	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:49:02.0187 1108	usbprint - ok
12:49:02.0203 1108	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:49:02.0296 1108	usbscan - ok
12:49:02.0312 1108	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:49:02.0390 1108	USBSTOR - ok
12:49:02.0406 1108	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:49:02.0484 1108	usbuhci - ok
12:49:02.0500 1108	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:49:02.0578 1108	VgaSave - ok
12:49:02.0578 1108	ViaIde - ok
12:49:02.0593 1108	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
12:49:02.0671 1108	VolSnap - ok
12:49:02.0687 1108	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:49:02.0781 1108	Wanarp - ok
12:49:02.0812 1108	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
12:49:02.0828 1108	Wdf01000 - ok
12:49:02.0828 1108	WDICA - ok
12:49:02.0875 1108	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:49:02.0953 1108	wdmaud - ok
12:49:03.0078 1108	WpdUsb          (ef8848d2a558affe99cf264180e499ac) C:\WINDOWS\system32\Drivers\wpdusb.sys
12:49:03.0093 1108	WpdUsb - ok
12:49:03.0171 1108	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:49:03.0343 1108	\Device\Harddisk0\DR0 - ok
12:49:03.0343 1108	Boot (0x1200)   (2171129f77a78109c3f69920a79dfcdd) \Device\Harddisk0\DR0\Partition0
12:49:03.0343 1108	\Device\Harddisk0\DR0\Partition0 - ok
12:49:03.0359 1108	Boot (0x1200)   (38497a7bc41db3472c5f5443f680fd29) \Device\Harddisk0\DR0\Partition1
12:49:03.0359 1108	\Device\Harddisk0\DR0\Partition1 - ok
12:49:03.0375 1108	============================================================
12:49:03.0375 1108	Scan finished
12:49:03.0375 1108	============================================================
12:49:03.0500 1516	Detected object count: 4
12:49:03.0500 1516	Actual detected object count: 4
12:55:44.0687 1516	cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
12:55:44.0687 1516	cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:55:44.0703 1516	ctdvda2k ( UnsignedFile.Multi.Generic ) - skipped by user
12:55:44.0703 1516	ctdvda2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:55:44.0703 1516	MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
12:55:44.0703 1516	MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:55:44.0718 1516	TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
12:55:44.0718 1516	TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip

konascrap · Answer

RogueKiller V6.1.10 [18/11/2011] par Tigzy mail: tigzyRKgmailcom Remontees: https://www.luanagames.com/index.fr.html Blog: http://tigzyrk.blogspot.com Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode sans echec avec prise en charge reseau Utilisateur: Administrateur [Droits d'admin] Mode: Recherche -- Date : 20/11/2011 10:59:47 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Entrees de registre: 1 ¤¤¤ [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ 127.0.0.1 localhost Termine : << RKreport[1].txt >> RKreport[1].txt

Utilisateur anonyme · Answer

Bonjour

Ton bureau est bien réapparu ainsi que tes programmes?

@+

konascrap · Answer

Non malheureusement, mon bureau n'a pas réapparu, ni mes programmes, ni mon fond d'écran.

Je suis toute fois capable d'aller sur internet, via un lei d'un de mes programmes, qui ouvre dans le bas a droite de mon PC.


Que doit-je faire de plus ? je n'ai plus le virus, qui fait tout ralentir et apparaitre 50,000 chose, mais pu rien.

Utilisateur anonyme · Answer

Bonsoir

Relance RogueKiller avec l'option 6 .
Poste moi son rapport;merci.

@+

konascrap · Answer

RogueKiller V6.1.10 [18/11/2011] par Tigzy mail: tigzyRKgmailcom Remontees: https://www.luanagames.com/index.fr.html Blog: http://tigzyrk.blogspot.com Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode sans echec avec prise en charge reseau Utilisateur: Administrateur [Droits d'admin] Mode: Raccourcis RAZ -- Date : 22/11/2011 15:32:58 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ Attributs de fichiers restaures: Bureau: Success 0 / Fail 0 Lancement rapide: Success 0 / Fail 0 Programmes: Success 4 / Fail 0 Menu demarrer: Success 0 / Fail 0 Dossier utilisateur: Success 46 / Fail 0 Mes documents: Success 3 / Fail 0 Mes favoris: Success 0 / Fail 0 Mes images: Success 0 / Fail 0 Ma musique: Success 0 / Fail 0 Mes videos: Success 0 / Fail 0 Disques locaux: Success 36743 / Fail 0 Sauvegarde: [NOT FOUND] Lecteurs: [A:] \Device\Floppy0 -- 0x2 --> Skipped [C:] \Device\HarddiskVolume1 -- 0x3 --> Restored [D:] \Device\CdRom0 -- 0x5 --> Skipped [E:] \Device\CdRom1 -- 0x5 --> Skipped [F:] \Device\HarddiskVolume2 -- 0x3 --> Restored ¤¤¤ Infection : ¤¤¤ Termine : << RKreport[1].txt >> RKreport[1].txt D'apres tout les fail que je voit, sa ne doit pas etre bon signe ! :(

Utilisateur anonyme · Answer

Bonsoir

As tu noté une amélioration?
Je ne pense pas.

As tu essayé de procéder à une restauration antérieure à ton problème?
Fait le si nécessaire.

@+

konascrap · Answer

Lorsque je restaure, on me dit que la restauration n'a pas bien fonctionné.

Donc aucun changement ? dautre solution ?

konascrap · Answer

J'ai aussi un petit icone ( Systeme Fix ) 

J'ai lu que c'était un virus lui aussi, et qu'il fesait comme si on avait tout perdu, mais que au fond on a rien perdu, car quand je vais en mode sans échec avec prise en charge réseau, je suis capable d'aller dans mes documents, et voir certain dossiser a partir du compte ( admin ) 

Possibilité d'enlever ce virus qui rend mon bureau noir ? et qui me joue des tours.
 Car sinon je n'ai plus le virus qui m'apparait 56 millier de carré rouge, signifiant qu'il y a un erreur et tout le tra lala.

Utilisateur anonyme · Answer

Bonsoir

Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman : 

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Ou

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

Serveur N°2

Ou

http://www.premiumorange.com/zeb-help-process/zhpdiag.html 
en bas de la page ZHP avec un numéro de version.
 
Une fois le téléchargement achevé, dé zippe le fichier obtenu et place ZHPDiag.exe sur ton Bureau.

Double-clique sur l'icône pour lancer le programme. Sous Vista ou Seven clic droit «  exécuter en tant que administrateur »


Clique sur la loupe pour lancer l'analyse.

Laisse l'outil travailler, il peut être assez long. 

Ferme ZHPDiag en fin d'analyse. 


Pour transmettre le rapport clique sur ce lien : 

 
http://pjjoint.malekal.com/

https://www.cjoint.com/

Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag). 

Sélectionne le fichier ZHPDiag.txt. 

Clique sur "Cliquez ici pour déposer le fichier". 

Un lien de cette forme : 

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt 

est ajouté dans la page. 

Copie ce lien dans ta réponse.

Merci

A+

konascrap · Answer

https://www.cjoint.com/?AKyusyQ1zKI 


Voilà, Merci.

Utilisateur anonyme · Answer

Re

Utilisation de l'outil ZHPFix : 

* Copie  tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C ) 
-------------------------------------------------------------------------------------------------


M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml    
[MD5.64A45D7F71CDC1625131ACA8C35EEDFB] [SPRF][2011-11-20] (...) -- C:\Documents and Settings\Administrateur\Bureau\Winlogon.exe   [766976]  
[HKLM\Software\Classes\Toolbar.CT2542115]
[HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}]   
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]    
[HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}] 
[HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}]    
[HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}]   
[HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}]    
[HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}]   
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] 
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}]  
[HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}]   
[HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}] 
[HKLM\Software\aTube Catcher\OpenCandy]
FirewallRAZ
Emptytemp

--------------------------------------------------------------------------------------------
Puis lance  ZHPFix depuis le raccourci du bureau. Sous Vista :Clic droit sur l'icône ZHPFix.exe  
 « Exécuter en tant qu'administrateur »
. 

* Une fois l'outil ZHPFix ouvert, clique sur le bouton [ H ] ( "coller les lignes Helper" ) . 

*Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

*Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes  
- Clique sur le bouton « GO » pour lancer le nettoyage, 


-> laisse travailler l'outil et ne touche à rien ... 


-> Si il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le ! 

Une fois terminé, un nouveau rapport s'affiche : poste le contenu de ce dernier dans ta prochaine réponse ... 

( ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ ZHPFixReport.txt ) 



A+

konascrap · Answer

On dirait bien qu'il n'y a eu rien de fait ? 


Rapport de ZHPFix 1.12.3371 par Nicolas Coolman, Update du 18/11/2011
Fichier d'export Registre : 
Run by Administrateur at 2011-11-24 14:47:42
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Processus mémoire ==========
SUPPRIME Memory Process: C:\Documents and Settings\Administrateur\Bureau\Winlogon.exe

========== Clé(s) du Registre ==========
SUPPRIME Key: HKLM\Software\Classes\Toolbar.CT2542115
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
SUPPRIME Key: HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
SUPPRIME Key: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
SUPPRIME Key: HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
SUPPRIME Key: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
SUPPRIME Key: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
SUPPRIME Key: HKLM\Software\aTube Catcher\OpenCandy

========== Valeur(s) du Registre ==========
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

========== Dossier(s) ==========
SUPPRIME Temporaires Windows: : 1

========== Fichier(s) ==========
SUPPRIME File: c:\program files\mozilla firefox\searchplugins\babylon.xml
SUPPRIME File: c:\documents and settings\administrateur\bureau\winlogon.exe
SUPPRIME Temporaires Windows: : 1


========== Récapitulatif ==========
1 : Processus mémoire
13 : Clé(s) du Registre
1 : Valeur(s) du Registre
1 : Dossier(s)
3 : Fichier(s)


End of clean in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 2011-11-24 14:47:42 [2110]

Utilisateur anonyme · Answer

Bonjour

Démarre ton PC en mode normal.
Si ton bureau n'apparait pas;tu fait Ctrl+Alt+Suppr
Le gestionnaire de tâches va s'ouvrir.
Tu cliques sur "Fichier" ensuite "nouvelle tâche"
Tu tapes dans la fenêtre qui s'ouvre:explorer.exe  et tu cliques sur Ok

Ton bureau devrait apparaitre.

Ensuite fait ceci:

Poste moi un nouveau rapport ZHPDiag;merci

@+

konascrap · Answer

Je suis capable de me rendre a mon bureau et tout, le problème est que lorsque j'arrive pour faire un SCAN ZhpDiag, je clique sur la loupe, le scan ce fait, mon ordinateur fait quel que drôle de son et après il m'apparait une page bleu d'erreur, (http://www.guwiv.com/portal/forums/storage/12/9770/PICT0119.JPG)  et je doit redémarrer donc le scan ne peut se finire.

Utilisateur anonyme · Answer

Bonsoir

En procédant en mode normal;donc si nécessaire :afficher le bureau.

Tu reprends la manipulation ComboFix ;mais il est bien enregistré sur le bureau

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
Ou ici : https://forospyware.com 
>Renomme le pour l'enregistrer sur ton bureau en  asdehi (tout simplement pour que l'infection ne le contre pas)
-> Double clique combofix.exe.(ou clic droit sous vista «  exécuter en tant que... » )
-> Tape sur la touche 1 (Yes) pour démarrer le scan. 
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt 

 Avant d'utiliser ComboFix :  

->  Déconnecte toi d'Internet et referme les fenêtres de tous les programmes en cours.  

->  Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil. 

Une fois fait, sur ton bureau double-clic sur Combofix.exe ; (ou clic droit sous vista « exécuter en tant que... »)

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc. 


- Installe le console de récupération comme demandé ;utile en cas de plantage

- Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programme. Risque de figer l'ordinateur 

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire. 

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt) 

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. 

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message. 

/!\  Ne touche à rien tant que le scan n'est pas terminé.  /!\ : risque de figer l'ordinateur (plantage complet) 


::Si combofix détecte quelque chose et de demande a redémarrer tu acceptes


@+

konascrap · Answer

Je ne suis pas capable de te copier le lien COMBOFIX, j'ai faite marcher le prgrammes, redemarrer, et HOP.

Quand j'ai ouvert ma session tout mes programme était sur mon bureau, j'ai accès a toute mes logiciels :D 

SYMPA !! comment pourrais-je vous remercier ?

Comme pouvoir vous donnez le rapport Combofix ?

Utilisateur anonyme · Answer

Bonjour

Ce n'est pas grave pour le rapport ComboFix.

Poste moi un nouveau rapport ZHPDiag;merci.

@+

konascrap · Answer

Impossible, lorsque j'essaye de faire le scan avec la loupe, le scan débute, et apres POUF, écran bleu qui faut bugger mon PC.


Hijackthis ?

Utilisateur anonyme · Answer

Bonjour

*	Télécharge  http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en cours de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenu de cette citation dans la partie inférieure d'OTL "Personnalisation"

---------------------------------------------------------------------------
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
Winlogon.exe
Explorer.exe
Firefox.exe
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
-------------------------------------------------------------------------
* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés


@+

Alureon.FE , TROJAN aidez-moiii !!!

28 réponses

Discussions similaires

Newsletters