cjoint

Document format: text/plain

Preview

OTL logfile created on: 19/04/2016 11:51:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Nouveau dossier (2)
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16384)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 73,84% Memory free
6,37 Gb Paging File | 5,55 Gb Available in Paging File | 87,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 155,91 Gb Total Space | 143,78 Gb Free Space | 92,22% Space Free | Partition Type: NTFS
Drive E: | 14,43 Gb Total Space | 4,23 Gb Free Space | 29,31% Space Free | Partition Type: NTFS

Computer Name: EASYDESTROYER | User Name: III | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/04/19 11:46:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Nouveau dossier (2)\OTL.exe
PRC - [2016/02/23 14:20:30 | 001,982,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2016/02/22 16:51:52 | 005,583,520 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2012/07/26 05:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/07/26 05:20:59 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012/07/26 05:20:59 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/07/26 05:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2016/02/23 14:20:30 | 001,982,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2012/07/26 06:03:42 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 05:31:20 | 002,151,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012/07/26 05:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2012/07/26 05:20:30 | 001,536,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2012/07/26 05:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/26 05:20:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012/07/26 05:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/26 05:20:07 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2012/07/26 05:20:05 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 05:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/26 05:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/26 05:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/26 05:19:22 | 000,364,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2012/07/26 05:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/26 05:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/26 05:18:55 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012/07/26 05:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/26 05:18:28 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/07/26 05:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/26 05:18:18 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012/07/26 05:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/26 05:18:01 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2012/07/26 05:17:58 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012/07/26 05:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2016/02/23 15:25:30 | 000,206,312 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\Drivers\eamonm.sys -- (eamonm)
DRV - [2016/02/23 15:25:30 | 000,146,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ehdrv.sys -- (ehdrv)
DRV - [2016/02/23 15:25:30 | 000,130,616 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2012/07/26 06:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/26 05:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/26 05:48:33 | 000,121,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2012/07/26 05:48:29 | 000,049,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012/07/26 05:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/26 05:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/26 05:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/26 05:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/26 05:42:19 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2012/07/26 05:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/26 05:42:19 | 000,267,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2012/07/26 05:42:19 | 000,179,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2012/07/26 05:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/26 05:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/26 05:42:18 | 000,066,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2012/07/26 05:42:15 | 000,238,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2012/07/26 05:42:15 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012/07/26 05:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/26 05:42:15 | 000,046,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/07/26 05:42:14 | 000,024,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012/07/26 05:40:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012/07/26 05:40:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/26 05:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/26 05:39:55 | 000,023,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/07/26 05:39:35 | 000,057,072 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2012/07/26 05:39:13 | 000,030,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/07/26 05:34:01 | 000,199,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2012/07/26 05:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/26 05:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/26 05:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/26 05:30:33 | 000,028,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2012/07/26 04:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/26 04:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/26 04:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/26 04:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/26 04:35:48 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2012/07/26 04:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/26 04:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/26 04:35:23 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/07/26 04:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/26 04:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/26 04:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/26 04:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/26 04:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/26 04:34:16 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/07/26 04:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/26 04:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/26 04:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/26 04:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/26 04:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/26 04:33:00 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/07/26 04:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/26 04:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/26 04:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/26 04:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/26 04:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/26 04:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/06/28 04:06:16 | 010,900,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/06/02 16:31:30 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\L1E62x86.sys -- (L1E)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 C8 1C 5B 1A 9A D1 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




O1 HOSTS File: ([2012/07/26 06:17:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (TSearch) - {6E727987-C8EA-44DA-8749-310C0FBE3C3E} - C:\Program Files\Torrent Search\IEEF\qcZtGKqHlUOe.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: TSearch - {03AE1B7B-A9E7-4D5A-9D34-89999C31B659} - C:\Program Files\Torrent Search\IEEF\qcZtGKqHlUOe.dll ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7145A9D8-8BB9-441B-B324-79DB03D105CA}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/26 08:51:57 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: NcaSvc - C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
NetSvcs: DsmSvc - C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs: SystemEventsBroker - C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
NetSvcs: wlidsvc - C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)


SafeBootMin: Base - Driver Group
SafeBootMin: BasicDisplay.sys - C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin: BasicRender.sys - C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: BrokerInfrastructure - C:\Windows\System32\bisrv.dll (Microsoft Corporation)
SafeBootMin: EFS - C:\Windows\System32\efssvc.dll (Microsoft Corporation)
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: KeyIso - C:\Windows\System32\keyiso.dll (Microsoft Corporation)
SafeBootMin: LSM - C:\Windows\System32\lsm.dll (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: BasicDisplay.sys - C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet: BasicRender.sys - C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: BrokerInfrastructure - C:\Windows\System32\bisrv.dll (Microsoft Corporation)
SafeBootNet: EFS - C:\Windows\System32\efssvc.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: KeyIso - C:\Windows\System32\keyiso.dll (Microsoft Corporation)
SafeBootNet: LSM - C:\Windows\System32\lsm.dll (Microsoft Corporation)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: netprofm - C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VaultSvc - C:\Windows\System32\vaultsvc.dll (Microsoft Corporation)
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: Wcmsvc - C:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9F612429-4A00-3D44-88CF-146DA2EE1F92} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/04/19 11:26:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2016/04/19 11:11:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016/04/19 11:11:48 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wushareduxresources.dll
[2016/04/19 11:11:46 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUSettingsProvider.dll
[2016/04/19 11:11:46 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\storewuauth.dll
[2016/04/19 11:11:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaext.dll
[2016/04/19 11:11:45 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016/04/19 11:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\Torrent Search
[2016/04/19 10:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2016/04/19 10:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2016/04/19 10:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2016/04/19 10:40:35 | 000,000,000 | R--D | C] -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016/04/19 10:40:35 | 000,000,000 | R--D | C] -- C:\Users\III\Searches
[2016/04/19 10:40:35 | 000,000,000 | R--D | C] -- C:\Users\III\Contacts
[2016/04/19 10:40:35 | 000,000,000 | R--D | C] -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016/04/19 10:40:35 | 000,000,000 | -H-D | C] -- C:\Users\III\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016/04/19 10:40:32 | 000,000,000 | ---D | C] -- C:\Users\III\AppData\Roaming\Adobe
[2016/04/19 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\III\AppData\Local\VirtualStore
[2016/04/19 10:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2016/04/19 10:40:03 | 000,000,000 | ---D | C] -- C:\Users\III\AppData\Local\Packages
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Voisinage réseau
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Voisinage d'impression
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\AppData\Local\Temporary Internet Files
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\SendTo
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Recent
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Modèles
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Documents\Mes vidéos
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Documents\Mes images
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Mes documents
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Menu Démarrer
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Documents\Ma musique
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Local Settings
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\AppData\Local\Historique
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Cookies
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\Application Data
[2016/04/19 10:39:57 | 000,000,000 | -HSD | C] -- C:\Users\III\AppData\Local\Application Data
[2016/04/19 10:39:56 | 000,000,000 | --SD | C] -- C:\Users\III\AppData\Roaming\Microsoft
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Videos
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Saved Games
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Pictures
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Music
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Links
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Favorites
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Downloads
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Documents
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\Desktop
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016/04/19 10:39:56 | 000,000,000 | R--D | C] -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016/04/19 10:39:56 | 000,000,000 | -H-D | C] -- C:\Users\III\AppData
[2016/04/19 10:39:56 | 000,000,000 | ---D | C] -- C:\Users\III\AppData\Local\Temp
[2016/04/19 10:39:56 | 000,000,000 | ---D | C] -- C:\Users\III\AppData\Local\Microsoft
[2016/04/19 10:39:56 | 000,000,000 | ---D | C] -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016/04/19 10:39:55 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2016/04/19 10:39:49 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2016/04/19 10:30:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2016/04/19 10:27:50 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2016/04/19 10:27:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/04/19 11:03:32 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\Update Service for Torrent Search2.job
[2016/04/19 11:03:25 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\Update Service for Torrent Search.job
[2016/04/19 11:03:18 | 000,000,672 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2016/04/19 11:02:06 | 000,000,675 | ---- | M] () -- C:\Users\Public\Desktop\Download ESET NOD32 Ant...lnk
[2016/04/19 10:53:16 | 000,001,444 | ---- | M] () -- C:\Users\III\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/04/19 10:51:04 | 000,763,316 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2016/04/19 10:51:04 | 000,674,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/04/19 10:51:04 | 000,147,664 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2016/04/19 10:51:04 | 000,124,636 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/04/19 10:32:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/04/19 10:30:16 | 000,281,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/04/19 10:30:06 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2016/04/19 10:30:04 | 2790,932,480 | -HS- | M] () -- C:\hiberfil.sys
[2016/04/19 10:28:59 | 000,000,847 | ---- | M] () -- C:\Windows\System32\license.rtf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/04/19 11:03:32 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\Update Service for Torrent Search2.job
[2016/04/19 11:03:25 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\Update Service for Torrent Search.job
[2016/04/19 11:03:18 | 000,000,672 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/04/19 11:00:51 | 000,000,675 | ---- | C] () -- C:\Users\Public\Desktop\Download ESET NOD32 Ant...lnk
[2016/04/19 10:53:16 | 000,001,444 | ---- | C] () -- C:\Users\III\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016/04/19 10:40:32 | 000,001,450 | ---- | C] () -- C:\Users\III\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2016/04/19 10:39:56 | 000,000,352 | ---- | C] () -- C:\Users\III\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016/04/19 10:39:56 | 000,000,334 | ---- | C] () -- C:\Users\III\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016/04/19 10:30:04 | 2790,932,480 | -HS- | C] () -- C:\hiberfil.sys
[2016/04/19 10:27:22 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/07/26 05:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 05:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2016/04/19 10:40:32 | 000,000,000 | ---D | M] -- C:\Users\III\AppData\Roaming\Adobe
[2016/04/19 10:40:45 | 000,000,000 | --SD | M] -- C:\Users\III\AppData\Roaming\Microsoft

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\System32\Drivers\AGP440.sys
[2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_38ff1f7a86c4c6d7\AGP440.sys
[2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\WinSxS\x86_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_b6bdf91c90179e3b\AGP440.sys

[color=#A23BEC]< MD5 for: ALG.EXE >[/color]
[2012/07/26 05:20:42 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=B5A707E902BE5FC9B93C389FBA6EDF9C -- C:\Windows\System32\alg.exe
[2012/07/26 05:20:42 | 000,071,168 | ---- | M] (Microsoft Corporation) MD5=B5A707E902BE5FC9B93C389FBA6EDF9C -- C:\Windows\WinSxS\x86_microsoft-windows-alg_31bf3856ad364e35_6.2.9200.16384_none_a5945e012c854dfd\alg.exe

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\Drivers\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_79ee6a786812523f\atapi.sys
[2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_d9e333faf2f0935d\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2012/07/26 04:33:53 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=4E707EC5071DD8F5C29A7410780BD4C3 -- C:\Windows\System32\Drivers\cdrom.sys
[2012/07/26 04:33:53 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=4E707EC5071DD8F5C29A7410780BD4C3 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_a76623cebb64c613\cdrom.sys
[2012/07/26 04:33:53 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=4E707EC5071DD8F5C29A7410780BD4C3 -- C:\Windows\WinSxS\x86_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_5c5467c3752e2f0b\cdrom.sys

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2012/07/26 06:17:18 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=438037F7EF3AFD8220BA5ABD2A9B64B7 -- C:\Windows\System32\csrss.exe
[2012/07/26 06:17:18 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=438037F7EF3AFD8220BA5ABD2A9B64B7 -- C:\Windows\WinSxS\x86_microsoft-windows-csrss_31bf3856ad364e35_6.2.9200.16384_none_558eefb8b57c730d\csrss.exe

[color=#A23BEC]< MD5 for: CTFMON.EXE >[/color]
[2012/07/26 05:20:44 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=78A83B17F5DDA47FAC0B0643456F7BAC -- C:\Windows\System32\ctfmon.exe
[2012/07/26 05:20:44 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=78A83B17F5DDA47FAC0B0643456F7BAC -- C:\Windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.2.9200.16384_none_99db98b461f84ee8\ctfmon.exe

[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2012/07/26 05:40:11 | 000,084,208 | ---- | M] (Microsoft Corporation) MD5=4E3237D8266580412CCA774321056111 -- C:\Windows\System32\Drivers\disk.sys
[2012/07/26 05:40:11 | 000,084,208 | ---- | M] (Microsoft Corporation) MD5=4E3237D8266580412CCA774321056111 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_7d76300caa127e7c\disk.sys
[2012/07/26 05:40:11 | 000,084,208 | ---- | M] (Microsoft Corporation) MD5=4E3237D8266580412CCA774321056111 -- C:\Windows\WinSxS\x86_disk.inf_31bf3856ad364e35_6.2.9200.16384_none_f6718dc54593481b\disk.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2012/07/26 05:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\explorer.exe
[2012/07/26 05:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_4e5fb2f34b233380\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2012/07/26 04:36:23 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=11EDC37780E8A2F8E311D73F7658A4D7 -- C:\Windows\System32\Drivers\i8042prt.sys
[2012/07/26 04:36:23 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=11EDC37780E8A2F8E311D73F7658A4D7 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_aef2860043b590da\i8042prt.sys
[2012/07/26 04:36:23 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=11EDC37780E8A2F8E311D73F7658A4D7 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_31b63c73c7d92740\i8042prt.sys
[2012/07/26 04:36:23 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=11EDC37780E8A2F8E311D73F7658A4D7 -- C:\Windows\WinSxS\x86_keyboard.inf_31bf3856ad364e35_6.2.9200.16384_none_93f979b9aa5fb13f\i8042prt.sys
[2012/07/26 04:36:23 | 000,089,600 | ---- | M] (Microsoft Corporation) MD5=11EDC37780E8A2F8E311D73F7658A4D7 -- C:\Windows\WinSxS\x86_msmouse.inf_31bf3856ad364e35_6.2.9200.16384_none_4adf175da3c1f813\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\System32\Drivers\iaStorV.sys
[2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_819876bbe5c3b25f\iaStorV.sys
[2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\WinSxS\x86_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_abbc5e59592ebf50\iaStorV.sys

[color=#A23BEC]< MD5 for: INTELIDE.SYS >[/color]
[2012/07/26 05:42:33 | 000,016,624 | ---- | M] (Microsoft Corporation) MD5=A43BC9416741ABEA2B8DF60D2C0EA6A2 -- C:\Windows\System32\Drivers\intelide.sys
[2012/07/26 05:42:33 | 000,016,624 | ---- | M] (Microsoft Corporation) MD5=A43BC9416741ABEA2B8DF60D2C0EA6A2 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_79ee6a786812523f\intelide.sys
[2012/07/26 05:42:33 | 000,016,624 | ---- | M] (Microsoft Corporation) MD5=A43BC9416741ABEA2B8DF60D2C0EA6A2 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_d9e333faf2f0935d\intelide.sys

[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2012/07/26 06:17:18 | 000,078,064 | ---- | M] (Microsoft Corporation) MD5=13D8E3077EF0AE583F4634236D9A0992 -- C:\Windows\System32\Drivers\mountmgr.sys
[2012/07/26 06:17:18 | 000,078,064 | ---- | M] (Microsoft Corporation) MD5=13D8E3077EF0AE583F4634236D9A0992 -- C:\Windows\WinSxS\x86_microsoft-windows-m..pointmanager-minwin_31bf3856ad364e35_6.2.9200.16384_none_cd069c9b9ea8dc58\mountmgr.sys

[color=#A23BEC]< MD5 for: MRXSMB.SYS >[/color]
[2012/07/26 04:30:22 | 000,310,272 | ---- | M] (Microsoft Corporation) MD5=7E23F6BFB65A90F42359D803D1F335A3 -- C:\Windows\System32\Drivers\mrxsmb.sys
[2012/07/26 04:30:22 | 000,310,272 | ---- | M] (Microsoft Corporation) MD5=7E23F6BFB65A90F42359D803D1F335A3 -- C:\Windows\WinSxS\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.2.9200.16384_none_7c3c7916228433e4\mrxsmb.sys

[color=#A23BEC]< MD5 for: MRXSMB10.SYS >[/color]
[2012/07/26 04:30:23 | 000,244,736 | ---- | M] (Microsoft Corporation) MD5=B9F3DA35CDE171B5CBA70319AD7D5E59 -- C:\Windows\System32\Drivers\mrxsmb10.sys
[2012/07/26 04:30:23 | 000,244,736 | ---- | M] (Microsoft Corporation) MD5=B9F3DA35CDE171B5CBA70319AD7D5E59 -- C:\Windows\WinSxS\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.2.9200.16384_none_854f976a1cd57246\mrxsmb10.sys

[color=#A23BEC]< MD5 for: MRXSMB20.SYS >[/color]
[2012/07/26 04:34:26 | 000,168,448 | ---- | M] (Microsoft Corporation) MD5=BDF3BD11E6839190E1F70664B7CD2705 -- C:\Windows\System32\Drivers\mrxsmb20.sys
[2012/07/26 04:34:26 | 000,168,448 | ---- | M] (Microsoft Corporation) MD5=BDF3BD11E6839190E1F70664B7CD2705 -- C:\Windows\WinSxS\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.2.9200.16384_none_8786017c5b2ca5b7\mrxsmb20.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012/07/26 06:17:16 | 000,830,192 | ---- | M] (Microsoft Corporation) MD5=C1068477FA29568D8C4AC262AF594871 -- C:\Windows\System32\Drivers\ndis.sys
[2012/07/26 06:17:16 | 000,830,192 | ---- | M] (Microsoft Corporation) MD5=C1068477FA29568D8C4AC262AF594871 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16384_none_56008a15f972d07e\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\System32\netlogon.dll
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_fa62c3240960ad18\netlogon.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\System32\Drivers\nvstor.sys
[2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_7ba65ba4b222e751\nvstor.sys
[2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\WinSxS\x86_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_3685cf0890656928\nvstor.sys

[color=#A23BEC]< MD5 for: RASACD.SYS >[/color]
[2012/07/26 04:38:01 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=C07E9331431C78D41F30E62A15E1D324 -- C:\Windows\System32\Drivers\rasacd.sys
[2012/07/26 04:38:01 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=C07E9331431C78D41F30E62A15E1D324 -- C:\Windows\WinSxS\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.2.9200.16384_none_0c850a9736b9e424\rasacd.sys

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\System32\scecli.dll
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_34b8ee3caa8233d3\scecli.dll

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2012/07/26 06:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\Windows\System32\services.exe
[2012/07/26 06:17:18 | 000,333,312 | ---- | M] (Microsoft Corporation) MD5=575FB4211BB07DB7D2179B1B05FE7EFD -- C:\Windows\WinSxS\x86_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_3bc3d14fce0a0436\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2012/07/26 06:17:18 | 000,088,576 | ---- | M] (Microsoft Corporation) MD5=8E5870B864C38A3B766F9F0A23FB70C4 -- C:\Windows\System32\smss.exe
[2012/07/26 06:17:18 | 000,088,576 | ---- | M] (Microsoft Corporation) MD5=8E5870B864C38A3B766F9F0A23FB70C4 -- C:\Windows\WinSxS\x86_microsoft-windows-smss-minwin_31bf3856ad364e35_6.2.9200.16384_none_7b0be223ba323220\smss.exe

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2012/07/26 05:20:58 | 000,496,640 | ---- | M] (Microsoft Corporation) MD5=D246A6F32CD74A0AE1F00EF7C73A1DBC -- C:\Windows\System32\spoolsv.exe
[2012/07/26 05:20:58 | 000,496,640 | ---- | M] (Microsoft Corporation) MD5=D246A6F32CD74A0AE1F00EF7C73A1DBC -- C:\Windows\WinSxS\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.2.9200.16384_none_d2f6af0292ef89d7\spoolsv.exe

[color=#A23BEC]< MD5 for: STORPORT.SYS >[/color]
[2012/07/26 05:42:19 | 000,302,320 | ---- | M] (Microsoft Corporation) MD5=D1DCF24305709C09577807A96E6F3500 -- C:\Windows\System32\Drivers\storport.sys
[2012/07/26 05:42:19 | 000,302,320 | ---- | M] (Microsoft Corporation) MD5=D1DCF24305709C09577807A96E6F3500 -- C:\Windows\WinSxS\x86_microsoft-windows-storport_31bf3856ad364e35_6.2.9200.16384_none_24275a8a0195aa94\storport.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2012/07/26 05:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\System32\svchost.exe
[2012/07/26 05:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2012/07/26 06:17:16 | 001,817,328 | ---- | M] (Microsoft Corporation) MD5=FF19CA1C64458F4E0F4F0FAEA22313C2 -- C:\Windows\System32\Drivers\tcpip.sys
[2012/07/26 06:17:16 | 001,817,328 | ---- | M] (Microsoft Corporation) MD5=FF19CA1C64458F4E0F4F0FAEA22313C2 -- C:\Windows\WinSxS\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_afc91e3337cd05b7\tcpip.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\System32\userinit.exe
[2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2012/07/26 04:33:54 | 003,403,264 | ---- | M] (Microsoft Corporation) MD5=FE4FCA6D8AB08BA1FA02FC179A01BE3A -- C:\Windows\System32\win32k.sys
[2012/07/26 04:33:54 | 003,403,264 | ---- | M] (Microsoft Corporation) MD5=FE4FCA6D8AB08BA1FA02FC179A01BE3A -- C:\Windows\WinSxS\x86_microsoft-windows-win32k_31bf3856ad364e35_6.2.9200.16384_none_b59e859b6bed8e81\win32k.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2012/07/26 05:21:01 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=7109FF769FFF962869C50D720F7AA7D7 -- C:\Windows\System32\wininit.exe
[2012/07/26 05:21:01 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=7109FF769FFF962869C50D720F7AA7D7 -- C:\Windows\WinSxS\x86_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_2d9dc4afd5b76b63\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012/07/26 05:21:01 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\Windows\System32\winlogon.exe
[2012/07/26 05:21:01 | 000,411,648 | ---- | M] (Microsoft Corporation) MD5=C06BA1F360CEF6AB51F41B3D0D5FE92D -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_6c6e0cf7a65840b6\winlogon.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2016/02/23 15:25:30 | 000,206,312 | ---- | M] (ESET)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\drivers\eamonm.sys
[2016/02/23 15:25:30 | 000,146,024 | ---- | M] (ESET)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\drivers\ehdrv.sys
[2016/02/23 15:25:30 | 000,130,616 | ---- | M] (ESET)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\drivers\epfwwfpr.sys

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< >[/color]

< End of report >
