cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 18/10/2015 18:11:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jean-Claude\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,83% Memory free
6,21 Gb Paging File | 4,53 Gb Available in Paging File | 72,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 48,00 Gb Free Space | 49,15% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 180,60 Gb Free Space | 49,06% Space Free | Partition Type: NTFS

Computer Name: PC-DE-JEAN-CLAU | User Name: Jean-Claude | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Jean-Claude\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Jean-Claude\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe (BitTorrent Inc.)
PRC - C:\Users\Jean-Claude\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
PRC - C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe ()
PRC - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - c:\users\jean-c~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmi57br.dll ()
MOD - C:\Program Files\CCleaner\lang\lang-1036.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (dbupdatem) -- C:\Program Files\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (dbupdate) -- C:\Program Files\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (EaseUS Agent) -- C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (Afc) -- system32\drivers\Afc.sys File not found
DRV - (GUBootStartup) -- C:\Windows\System32\drivers\GUBootStartup.sys (Glarysoft Ltd)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (EUFDDISK) -- C:\Windows\System32\drivers\EuFdDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUBAKUP) -- C:\Windows\System32\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUBKMON) -- C:\Windows\System32\drivers\EUBKMON.sys ()
DRV - (EUDSKACS) -- C:\Windows\System32\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (cdrombus) -- C:\Windows\System32\drivers\cdrombus.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (ovt530) -- C:\Windows\System32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\OldSearch: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultenginename: "Default"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Default"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggXdFteWQ9EERhBcA8PTA0VRQAOeQ8LABRJElBCdFtcUA1GQFcFIk0FA18DB0VXfWFoKB8fHGdGM0xUFUo5VFc="
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015/01/31 17:13:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015/01/31 17:13:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 41.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 41.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 38.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2015/01/20 19:12:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean-Claude\AppData\Roaming\mozilla\Extensions
[2015/09/20 20:17:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jean-Claude\AppData\Roaming\mozilla\Firefox\Profiles\m81zhdal.default-1442764219888\extensions
[2015/08/16 14:31:06 | 000,010,880 | ---- | M] () (No name found) -- C:\Users\Jean-Claude\AppData\Roaming\mozilla\firefox\profiles\m81zhdal.default-1442764219888\extensions\{448906fa-d7b2-460b-8f25-8c00ca2283a0}.xpi
[2015/10/17 12:59:52 | 000,000,923 | ---- | M] () -- C:\Users\Jean-Claude\AppData\Roaming\mozilla\firefox\profiles\m81zhdal.default-1442764219888\searchplugins\default.xml
[2015/10/16 12:54:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2015/10/16 12:54:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]


O1 HOSTS File: ([2015/02/26 16:21:44 | 000,450,653 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15471 more lines...
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Dropbox] C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Jean-Claude\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: driversupport.com ([apps] http in Trusted sites)
O15 - HKCU\..Trusted Domains: driversupport.com ([apps] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8798B50-A18D-4DE7-9D7E-98EE3F4AA44F}: DhcpNameServer = 192.168.0.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jean-Claude\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jean-Claude\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1db07710-f553-11e4-8881-001bb9d24e87}\Shell - "" = AutoRun
O33 - MountPoints2\{1db07710-f553-11e4-8881-001bb9d24e87}\Shell\AutoRun\command - "" = M:\.\Driver\DriverInstaller.exe -eject
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]GoogleChromeAutoLaunch_CEC3796C3B747956E30942697559E42F[/b] - hkey= - key= - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sr.sys - FSFilter System Recovery
SafeBootMin: SRService - Service
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3911CF56-9EF2-39BA-846A-C27BD3CD0685} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/10/17 18:31:05 | 000,000,000 | ---D | C] -- C:\AdsFix
[2015/10/17 18:27:53 | 002,719,232 | ---- | C] (SosVirus) -- C:\Users\Jean-Claude\Desktop\AdsFix.exe
[2015/10/17 12:05:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/10/16 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/10/16 11:59:24 | 000,000,000 | ---D | C] -- C:\Users\Jean-Claude\AppData\Roaming\ZHP
[2015/10/15 12:08:53 | 000,000,000 | ---D | C] -- C:\Users\Jean-Claude\AppData\Local\WMTools Downloaded Files
[2015/10/15 09:27:48 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-eventing-provider-l1-1-0.dll
[2015/10/15 09:27:47 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
[2015/10/15 09:27:47 | 000,017,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
[2015/10/15 09:27:47 | 000,015,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2015/10/15 09:27:47 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
[2015/10/15 09:27:47 | 000,014,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
[2015/10/15 09:27:47 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
[2015/10/15 09:27:47 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2015/10/15 09:27:47 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
[2015/10/15 09:27:47 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
[2015/10/15 09:27:47 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
[2015/10/15 09:27:47 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
[2015/10/15 09:27:47 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
[2015/10/15 09:27:47 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2015/10/15 09:27:47 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/10/15 09:27:47 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
[2015/10/15 09:27:47 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/10/15 09:27:47 | 000,011,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/10/15 09:27:47 | 000,011,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2015/10/15 09:27:46 | 000,066,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
[2015/10/15 09:27:46 | 000,022,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
[2015/10/15 09:27:46 | 000,019,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
[2015/10/15 09:27:46 | 000,016,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
[2015/10/15 09:27:46 | 000,015,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
[2015/10/15 09:27:46 | 000,013,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2015/10/15 09:27:46 | 000,012,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2015/10/15 09:27:46 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2015/10/15 09:27:46 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2015/10/15 09:27:46 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
[2015/10/15 09:27:46 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2015/10/15 09:27:46 | 000,011,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2015/10/15 09:27:45 | 000,901,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ucrtbase.dll
[2015/10/15 09:27:05 | 003,606,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/10/15 09:27:04 | 003,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/10/14 08:50:42 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/10/14 08:50:41 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/10/14 08:50:41 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/10/14 08:50:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/10/14 08:50:38 | 001,814,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/10/14 08:50:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/10/14 08:50:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/10/14 08:50:36 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/10/14 08:50:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/10/14 08:50:36 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/10/14 08:50:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/10/14 08:50:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/10/14 08:50:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/10/13 22:05:07 | 000,000,000 | ---D | C] -- C:\Users\Jean-Claude\film
[2015/10/13 21:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite NCH Software
[2015/10/13 21:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programmes de vidéo
[2015/10/12 14:42:06 | 000,000,000 | ---D | C] -- C:\Users\Jean-Claude\Desktop\Nouveau dossier
[2015/10/08 14:59:21 | 000,000,000 | ---D | C] -- C:\FRST
[2015/10/06 22:08:03 | 000,000,000 | ---D | C] -- C:\Users\Jean-Claude\Desktop\almunecar
[2015/10/06 16:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/10/18 18:13:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/10/18 18:01:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/10/18 17:54:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/10/18 17:52:56 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/10/18 17:24:40 | 000,001,184 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineUA.job
[2015/10/18 16:24:00 | 000,001,180 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineCore.job
[2015/10/18 15:52:36 | 000,004,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/10/18 15:52:36 | 000,004,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/10/18 05:44:10 | 000,721,478 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/10/18 05:44:10 | 000,633,514 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/10/18 05:44:10 | 000,145,312 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/10/18 05:44:10 | 000,119,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/10/18 05:36:50 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/10/18 05:36:49 | 000,298,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/10/18 05:36:31 | 3219,628,032 | -HS- | M] () -- C:\hiberfil.sys
[2015/10/17 23:01:52 | 000,000,963 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\AdsFix_Donate.lnk
[2015/10/17 18:27:55 | 002,719,232 | ---- | M] (SosVirus) -- C:\Users\Jean-Claude\Desktop\AdsFix.exe
[2015/10/17 16:54:21 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/10/17 16:54:20 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/10/17 12:04:11 | 001,682,432 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\adwcleaner_5.013.exe
[2015/10/16 12:16:19 | 000,000,787 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\ZHPCleaner.lnk
[2015/10/16 11:59:00 | 001,865,728 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\ZHPCleaner.exe
[2015/10/16 11:36:13 | 000,047,803 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\0.jpg
[2015/10/16 11:34:36 | 000,108,722 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\Capturer.JPG
[2015/10/16 10:29:06 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/10/16 10:28:43 | 000,002,285 | ---- | M] () -- C:\Users\Jean-Claude\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.lnk
[2015/10/16 10:28:43 | 000,002,023 | ---- | M] () -- C:\Users\Jean-Claude\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2015/10/13 21:52:18 | 000,025,600 | ---- | M] () -- C:\Users\Jean-Claude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/10/13 17:54:14 | 025,527,988 | ---- | M] () -- C:\Users\Jean-Claude\Desktop\Danse Flamenco La Burbuja.mp4
[2015/10/08 17:37:31 | 000,000,032 | ---- | M] () -- C:\Windows\System32\Eu(12-20141222).OD
[2015/09/26 18:09:57 | 003,606,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/09/26 18:09:57 | 003,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/10/18 18:13:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/10/18 05:35:22 | 3219,628,032 | -HS- | C] () -- C:\hiberfil.sys
[2015/10/17 23:01:52 | 000,000,963 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\AdsFix_Donate.lnk
[2015/10/17 12:04:10 | 001,682,432 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\adwcleaner_5.013.exe
[2015/10/16 11:59:24 | 000,000,787 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\ZHPCleaner.lnk
[2015/10/16 11:59:00 | 001,865,728 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\ZHPCleaner.exe
[2015/10/16 11:36:12 | 000,047,803 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\0.jpg
[2015/10/16 11:34:34 | 000,108,722 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\Capturer.JPG
[2015/10/13 17:52:44 | 025,527,988 | ---- | C] () -- C:\Users\Jean-Claude\Desktop\Danse Flamenco La Burbuja.mp4
[2015/09/08 15:10:03 | 000,041,512 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
[2015/01/31 17:08:18 | 000,193,164 | ---- | C] () -- C:\Windows\hpoins51.dat
[2015/01/31 17:08:18 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat
[2015/01/30 14:10:26 | 000,193,136 | ---- | C] () -- C:\Windows\hpoins51.dat.temp
[2015/01/30 14:10:26 | 000,000,572 | ---- | C] () -- C:\Windows\hpomdl51.dat.temp
[2015/01/20 11:48:17 | 000,025,600 | ---- | C] () -- C:\Users\Jean-Claude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/01/17 22:48:29 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2015/01/17 22:13:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2015/01/17 22:13:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2015/01/17 20:08:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2015/01/17 19:18:09 | 000,000,680 | ---- | C] () -- C:\Users\Jean-Claude\AppData\Local\d3d9caps.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/29 02:46:08 | 011,588,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2015/10/18 05:35:22 | 000,028,023 | ---- | M] () -- C:\AdsFix_18_10_2015_05_35_22.txt
[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2015/01/17 17:55:57 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2015/04/11 22:32:22 | 000,000,150 | ---- | M] () -- C:\DriverSetup.log
[2015/10/18 05:36:31 | 3219,628,032 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/25 12:56:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2015/01/20 12:27:27 | 000,233,131 | ---- | M] () -- C:\logFile.txt
[2015/01/25 12:56:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2015/08/07 01:10:08 | 000,188,104 | ---- | M] () -- C:\ods.exe
[2015/08/07 00:57:56 | 000,000,151 | ---- | M] () -- C:\ods.exe.config
[2015/10/18 05:36:29 | 3533,451,264 | -HS- | M] () -- C:\pagefile.sys
[2015/10/18 18:13:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2015/08/07 01:10:08 | 000,188,104 | ---- | M] () -- C:\ods.exe

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2008/01/21 04:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2015/01/20 17:26:49 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2015/10/14 10:37:15 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2015/10/17 12:06:34 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2015/01/21 11:00:48 | 000,000,000 | ---D | M] -- C:\Program Files\DLLSuite
[2015/10/06 16:59:26 | 000,000,000 | ---D | M] -- C:\Program Files\Dropbox
[2015/08/17 16:04:38 | 000,000,000 | ---D | M] -- C:\Program Files\DVDVideoSoft
[2015/09/08 15:06:11 | 000,000,000 | ---D | M] -- C:\Program Files\EaseUS
[2015/01/17 19:15:57 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2015/08/17 16:04:17 | 000,000,000 | ---D | M] -- C:\Program Files\FreeCodecPack
[2015/08/01 13:13:15 | 000,000,000 | ---D | M] -- C:\Program Files\FreeMi UPnP Media Server
[2015/02/27 18:40:55 | 000,000,000 | ---D | M] -- C:\Program Files\FreeTime
[2015/10/14 10:25:22 | 000,000,000 | ---D | M] -- C:\Program Files\Glary Utilities 5
[2015/06/03 21:46:53 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2015/01/25 13:00:44 | 000,000,000 | ---D | M] -- C:\Program Files\Hercules
[2015/01/31 17:13:48 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2015/01/25 13:00:43 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2015/10/15 09:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2015/01/20 14:51:50 | 000,000,000 | ---D | M] -- C:\Program Files\LibreOffice 4
[2015/08/08 13:45:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2015/05/14 09:21:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2015/08/13 10:18:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2015/01/17 22:37:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2015/01/17 22:30:09 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2015/10/17 12:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2015/10/17 12:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2015/08/17 17:37:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2015/01/28 23:54:02 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar Installer
[2015/01/30 10:33:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2015/01/17 19:41:03 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2015/02/09 16:47:48 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre 7
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2015/02/26 15:35:28 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2006/11/02 15:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2015/04/15 13:16:34 | 000,000,000 | ---D | M] -- C:\Program Files\Unknown Device Identifier
[2015/02/08 01:09:21 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2015/04/27 14:23:37 | 000,000,000 | ---D | M] -- C:\Program Files\WhoCrashed
[2015/01/17 22:30:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2015/01/17 22:30:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2015/01/17 22:30:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2015/09/10 10:15:27 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2015/01/20 15:53:49 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2015/06/11 10:25:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2015/01/17 19:15:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2015/01/17 22:30:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2015/01/20 15:54:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2015/01/17 22:30:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008/01/21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008/01/21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\System32\hidserv.dll
[2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll
[2006/11/02 11:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2008/01/21 04:24:24 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\imm32.dll
[2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2009/02/13 10:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[2011/04/12 16:53:05 | 000,890,368 | ---- | M] (Microsoft Corporation) MD5=306835D4E74E49A5D10F0FCA0B422EB1 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[2011/04/12 16:30:37 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=497A2DA8181560B3E2F8FFE0092FD1E6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[2011/04/12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) MD5=574B473FACAA0E91702B86578440B525 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[2014/02/06 03:56:54 | 000,894,464 | ---- | M] (Microsoft Corporation) MD5=695DB97B018FB06F693F37108322AA1E -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_9587d7775386a817\kernel32.dll
[2015/05/09 00:51:41 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=700178867665441A00AB3215B5450C7A -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23688_none_95df6f4c6cc92ab5\kernel32.dll
[2011/04/12 17:08:23 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=7062DEB220FA1CCB1B65FC40D6E7D807 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[2014/02/06 04:43:24 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=B439D7A2127B81EC7274019D14784D75 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_961b47b06c9d0ce7\kernel32.dll
[2009/02/13 09:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[2009/02/13 09:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[2009/02/13 10:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[2008/01/21 04:24:13 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[2015/05/09 01:08:48 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\kernel32.dll
[2015/05/09 01:08:48 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19381_none_954eccaf53b1df3c\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/21 04:24:02 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2013/03/03 21:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\System32\drivers\ntfs.sys
[2013/03/03 21:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys
[2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/21 04:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[2013/03/03 21:07:52 | 001,083,240 | ---- | M] (Microsoft Corporation) MD5=ECB54A0E9C40B00CF8FEFE5F455A1EFB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys

[color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
[2008/01/21 04:25:28 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\System32\proquota.exe
[2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2008/01/21 04:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll
[2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 04:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2015/05/06 01:04:06 | 000,518,144 | ---- | M] (SteelWerX) MD5=A46842C9B0C567A5A9584E83A163560C -- C:\AdsFix\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2014/10/11 02:34:03 | 000,452,096 | ---- | M] (Microsoft Corporation) MD5=B33E73457ED6616F6CA316694267FEE3 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_90faa76f6a97633b\termsrv.dll
[2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[2008/01/21 04:24:12 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[2014/10/10 03:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\Windows\System32\termsrv.dll
[2014/10/10 03:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_907ed7a2516ef937\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[color=#A23BEC]< MD5 for: VIAMRAID.SYS >[/color]
[2010/03/05 09:34:38 | 000,138,464 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=573793CAC25054F4189196150DE0E51E -- C:\Program Files\EaseUS\Todo Backup\BUILDPE\x86\Drivers\RAID\via\viamraid.sys

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2012/08/21 13:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\drivers\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys
[2008/01/21 04:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/21 04:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2015/09/11 09:16:09 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=0ED0C46A3407B6BA8774603D9327A389 -- C:\Windows\System32\wininet.dll
[2015/09/11 09:16:09 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=0ED0C46A3407B6BA8774603D9327A389 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16708_none_c1f8d5fddfa0c8ec\wininet.dll
[2015/07/22 22:46:19 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=152110AF82E06FF13C325EB99236B271 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16684_none_c19e538fdfe545f1\wininet.dll
[2015/03/10 00:57:20 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=19B481D70FBC176AE5D3E91347B0128F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16636_none_c1d663bfdfbaecea\wininet.dll
[2008/01/21 04:24:37 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[2015/06/17 20:03:24 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=5C59F9736397F0A3284BAA84DEA55343 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20784_none_c227f05af902e5bb\wininet.dll
[2014/10/25 02:33:30 | 000,842,240 | ---- | M] (Microsoft Corporation) MD5=5E52A19E43CCF806DB881345A92AB97B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.23528_none_044b5b2ab8200f20\wininet.dll
[2015/08/17 19:12:06 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=605FFF8DF63D05DB523E635A14DDB43C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16696_none_c1958437dfeb9490\wininet.dll
[2015/02/21 19:21:58 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6293D025E82071B9424877E30B6AC1C8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16633_none_c1d362e1dfbda0e5\wininet.dll
[2015/05/31 01:49:49 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6788C8BBFD00EA99D6DA2AB5EA4F9A2C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16659_none_c1c3c4c5dfc870d1\wininet.dll
[2015/01/14 03:42:51 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=79E75447CCEB8522756FCD1EA1B858FF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16609_none_c1f9d461df9fe51c\wininet.dll
[2014/10/25 03:01:24 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=7A273494D9747149E2CF38C313A23CD8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.19221_none_03bab88d9f08c3a7\wininet.dll
[2015/09/11 09:17:43 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=7B6F72A543118733D028A3387C8ACAE1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20823_none_c267d17ef8d321e5\wininet.dll
[2015/08/17 19:13:22 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=827E5900805499AF36B06FE35D7494F3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20811_none_c270a0d6f8ccd346\wininet.dll
[2009/04/11 08:28:25 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[2015/01/14 04:34:23 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=8C1A011CB32B2A254B3DE9138DF10C47 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20725_none_c269d02cf8d1576c\wininet.dll
[2015/06/17 03:09:57 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=8F7EB54EC6C488FC086FB4AC3BB29BBD -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16669_none_c1b8f4d9dfd08cc2\wininet.dll
[2015/05/31 01:56:17 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=A04528F5740D17A8AAB95FAE38BFD82D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20774_none_c232c046f8fac9ca\wininet.dll
[2015/01/20 14:40:50 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=AA680F0065A505118BDD9181BCE7C83D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_c198832fdfe8e36e\wininet.dll
[2015/02/21 19:17:10 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=B617816D90817B98FF209701B2EAE555 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20747_none_c25630e8f8dfc1fc\wininet.dll
[2015/04/10 17:20:33 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=E38E89A0939A42F5EE4292DFC48772DF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16644_none_c1c9933fdfc4d62d\wininet.dll
[2015/07/22 22:37:33 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=E64B90961540FE6A07C97C1435A75706 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20799_none_c22221e0f906805f\wininet.dll
[2015/04/10 02:25:23 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=EA51D068CE82A1E7FC338D0D36E83AA3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20758_none_c24c6146f8e6f744\wininet.dll
[2015/03/10 01:41:29 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=EB5E1D8224F4EF318708410B469AC239 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20750_none_c2445ef6f8ee2c8c\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2015/05/06 01:04:06 | 000,518,144 | ---- | M] (SteelWerX) MD5=A46842C9B0C567A5A9584E83A163560C -- C:\AdsFix\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2015/09/03 22:48:21 | 000,038,400 | ---- | M] () MD5=098D1E9C1B749142F999973C794BE54D -- C:\AdsFix\winlogon.exe
[2015/09/03 22:48:21 | 000,038,400 | ---- | M] () MD5=098D1E9C1B749142F999973C794BE54D -- C:\AdsFix\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2008/01/21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll
[2008/01/21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr ?entControlSet\Control\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:24:47 | 000,403,968 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\FirewallAPI.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ ?*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\* ?.sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2015/10/18 05:36:52 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2962254413-3669692779-3890164854-1000\desktop.ini

< End of report >

Publicité


Signaler le contenu de ce document

Publicité