Ch@3BI

Posts by Ch@3BI

  1. 2011/05/30 17:23:48.0660 4908 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24

    2011/05/30 17:23:49.0905 4908 ================================================================================

    2011/05/30 17:23:49.0905 4908 SystemInfo:

    2011/05/30 17:23:49.0905 4908

    2011/05/30 17:23:49.0905 4908 OS Version: 6.1.7600 ServicePack: 0.0

    2011/05/30 17:23:49.0905 4908 Product type: Workstation

    2011/05/30 17:23:49.0906 4908 ComputerName: GASMI

    2011/05/30 17:23:49.0906 4908 UserName: Hamza

    2011/05/30 17:23:49.0906 4908 Windows directory: C:\windows

    2011/05/30 17:23:49.0906 4908 System windows directory: C:\windows

    2011/05/30 17:23:49.0906 4908 Processor architecture: Intel x86

    2011/05/30 17:23:49.0906 4908 Number of processors: 2

    2011/05/30 17:23:49.0906 4908 Page size: 0x1000

    2011/05/30 17:23:49.0906 4908 Boot type: Normal boot

    2011/05/30 17:23:49.0906 4908 ================================================================================

    2011/05/30 17:23:51.0374 4908 Initialize success

    2011/05/30 17:24:27.0694 3664 ================================================================================

    2011/05/30 17:24:27.0694 3664 Scan started

    2011/05/30 17:24:27.0694 3664 Mode: Manual;

    2011/05/30 17:24:27.0694 3664 ================================================================================


    2011/05/30 17:24:49.0943 3664 sptd (cdddec541bc3c96f91ecb48759673505) C:\windows\system32\Drivers\sptd.sys

    2011/05/30 17:24:49.0944 3664 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

    2011/05/30 17:24:49.0970 3664 sptd - detected LockedFile.Multi.Generic (1)


    2011/05/30 17:24:55.0476 3664 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0

    2011/05/30 17:24:55.0648 3664 ================================================================================

    2011/05/30 17:24:55.0649 3664 Scan finished

    2011/05/30 17:24:55.0649 3664 ================================================================================

    2011/05/30 17:24:55.0669 3416 Detected object count: 1

    2011/05/30 17:24:55.0669 3416 Actual detected object count: 1

    2011/05/30 17:25:08.0979 3416 LockedFile.Multi.Generic(sptd) - User select action: Skip

  2. Rapport de ZHPFix 1.12.3288 par Nicolas Coolman, Update du 29/05/2011

    Fichier d'export Registre :

    Run by Hamza at 30/05/2011 17:20:32

    Windows 7 Home Premium Edition, 32-bit (Build 7600)

    Web site : ZHPFix Fix de rapport

     

    ========== Registry Key ==========

    HKLM\Software\ASK => Registry Key removed successfully

     

    ========== Repertory ==========

    Dossiers Flash Cookies supprimés : 280

    Dossiers temporaires Windows supprimés: 165

     

    ========== File ==========

    Fichiers Flash Cookies supprimés : 148

    Fichiers temporaires Windows supprimés : 6965

     

     

    ========== Summary ==========

    1 : Registry Key

    2 : Repertory

    2 : File

     

     

    End of the scan

  3. Thank you. Mbam still turns itself off on its own; I enabled it and disabled its IP module.

     

    I'm sorry, but I can't download the software. Here is a screenshot of the message that appears:

     

    395763zhpdiag.png

     

    Thank you very much, and sorry for the trouble. Thanks for your help :)

     

    Is it a virus that is blocking the download, or a connection problem?

  4. Thank you for your help.

     

    I have Kaspersky Internet Security 2011, so should I disable Mbam?

     

    The VirusTotal link: VirusTotal - Free Online Virus, Malware and URL Scanner

     

    I think it didn't detect anything, but I also found in the folder a file with a strange name, explorer.exe.bkpcpt. I scanned it on VirusTotal as well; here is the link: VirusTotal - Free Online Virus, Malware and URL Scanner

     

    Thank you very much :)

  5. Hello,

     

    I have Malwarebytes' Anti-Malware and Kaspersky 2011 as security software (I don't know if that's enough).

     

    My problem is that Malwarebytes turns itself off on its own from time to time; it also keeps reporting blocked IP addresses.

     

    Kaspersky also shows me a strange message from time to time: it reports that the program explorer.exe behaves like a keylogger.

     

    Please help me. :)

     

    Thank you.

  6. LOL, advertising ... talking about Google and Facebook is advertising too, so I don't see what's wrong with asking questions about any site whatsoever. Given that UNYK has more than 14 million users, that site is not short of advertising. I just received a lot of invitations from my friends to sign up to UNYK, and I would just like an opinion from users of that site about privacy and security, that's all.

     

    That's a pity, and sorry, as I am new to this FORUM. I also suggest adding a link or something so that we can know our topic has been deleted, just an idea.

    Thanks

  7. Hello everyone,

    I have a problem: I can't find the topic I posted in this section, titled "What do you think of UNYK?". I am sure I posted it properly, I even checked a few minutes afterwards, but now I can't find it any more. I looked in My controls and found nothing. Maybe a moderator moved it; if so, where?

    Thanks

     

    PS: I hope I'll be able to find this one again!

  8. Ah, I hadn't seen your reply, I'm sorry ("I hadn't noticed there was a second page"), sorry, and thank you for your help and all this advice. I am very satisfied and I thank you very much. I'll read as much as I can so that I don't fall into these traps again. I'm also emptying my hard drive, and I think I'll even format C:. I'll mark it "Resolved" as you asked me to. Take care, and see you next time.

  9. combofix /u : Run "Uninstall"

     

    USBFIX : Uninstall

    Malwarebytes' Anti-Malware : Keep

    HijackThis : Uninstall

     

    Delete:

    cha3bi.bat

    msupdtrsvc.exe.vir

    rsit.exe

    CFScript.txt

    combofix.exe

    mbam-setup.exe

    rsit.exe

    SmitfraudFix.exe

    UsbFix.exe

    ZHPDiag.exe

    C:\ComboFix.txt

    C:\ComboFix-quarantined-files.txt

    C:\ComboFix2.txt

    C:\ComboFix3.txt

    C:\Qoobox

    C:\rapport.txt

    C:\UsbFix.txt

    C:\UsbFix

    C:\rsit

     

    New restore point.

    Thanks. :P

  10. I started the scan during the night and went to sleep. When I woke up in the morning I found that it had generated a log file and started scanning again, so I have two log files. Here is the first:

     

    -----------------------------------------

    Malwarebytes' Anti-Malware 1.37

    Version de la base de données: 2238

    Windows 5.1.2600 Service Pack 3

     

    07/06/2009 03:14:58

    mbam-log-2009-06-07 (03-14-58).txt

     

    Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)

    Eléments examinés: 143367

    Temps écoulé: 1 hour(s), 59 minute(s), 49 second(s)

     

    Processus mémoire infecté(s): 0

    Module(s) mémoire infecté(s): 0

    Clé(s) du Registre infectée(s): 0

    Valeur(s) du Registre infectée(s): 0

    Elément(s) de données du Registre infecté(s): 0

    Dossier(s) infecté(s): 0

    Fichier(s) infecté(s): 0

     

    Processus mémoire infecté(s):

    (Aucun élément nuisible détecté)

     

    Module(s) mémoire infecté(s):

    (Aucun élément nuisible détecté)

     

    Clé(s) du Registre infectée(s):

    (Aucun élément nuisible détecté)

     

    Valeur(s) du Registre infectée(s):

    (Aucun élément nuisible détecté)

     

    Elément(s) de données du Registre infecté(s):

    (Aucun élément nuisible détecté)

     

    Dossier(s) infecté(s):

    (Aucun élément nuisible détecté)

     

    Fichier(s) infecté(s):

    (Aucun élément nuisible détecté)

    --------------------------------------------------

     

     

    and the second:

    --------------------------------------------------

    Malwarebytes' Anti-Malware 1.37

    Version de la base de données: 2238

    Windows 5.1.2600 Service Pack 3

     

    07/06/2009 18:12:09

    mbam-log-2009-06-07 (18-12-09).txt

     

    Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)

    Eléments examinés: 448149

    Temps écoulé: 14 hour(s), 56 minute(s), 3 second(s)

     

    Processus mémoire infecté(s): 0

    Module(s) mémoire infecté(s): 0

    Clé(s) du Registre infectée(s): 1

    Valeur(s) du Registre infectée(s): 0

    Elément(s) de données du Registre infecté(s): 0

    Dossier(s) infecté(s): 0

    Fichier(s) infecté(s): 0

     

    Processus mémoire infecté(s):

    (Aucun élément nuisible détecté)

     

    Module(s) mémoire infecté(s):

    (Aucun élément nuisible détecté)

     

    Clé(s) du Registre infectée(s):

    HKEY_CURRENT_USER\SOFTWARE\xprepairpro2007 (Rogue.XPRepairPro2007) -> Quarantined and deleted successfully.

     

    Valeur(s) du Registre infectée(s):

    (Aucun élément nuisible détecté)

     

    Elément(s) de données du Registre infecté(s):

    (Aucun élément nuisible détecté)

     

    Dossier(s) infecté(s):

    (Aucun élément nuisible détecté)

     

    Fichier(s) infecté(s):

    (Aucun élément nuisible détecté)

    ----------------------------------------------

     

    Thanks.

  11. ComboFix 09-06-05.09 - Hamza 06/06/2009 21:48.3 - NTFSx86

    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1015.337 [GMT 2:00]

    Lancé depuis: c:\documents and settings\Hamza\Bureau\ComboFix.exe

    Commutateurs utilisés :: c:\documents and settings\Hamza\Bureau\CFScript.txt

    AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

     

    FILE ::

    "c:\windows\system32\msupdtrsvc.exe"

    .

     

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

    .

     

    c:\windows\system32\msupdtrsvc.exe

     

    .

    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

     

    -------\Legacy_MICROSOFTUPDATEREMOTESERVICE

    -------\Service_MicrosoftUpdateRemoteService

     

     

    ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-06 au 2009-06-06 ))))))))))))))))))))))))))))))))))))

    .

     

    2009-05-30 15:44 . 2009-05-30 16:01 -------- d-----w- C:\UsbFix

    2009-05-30 15:10 . 2009-05-30 15:10 -------- d-----w- C:\rsit

    2009-05-28 19:42 . 2009-05-28 22:03 -------- d-----w- c:\program files\Garena

    2009-05-28 11:13 . 2009-05-28 11:13 -------- d-----w- c:\windows\system32\Color

    2009-05-28 11:11 . 2009-05-28 11:11 -------- d-----w- c:\windows\usbbin

    2009-05-28 11:11 . 2002-03-06 12:20 105124 ----a-w- c:\windows\system32\drivers\eppscan.sys

    2009-05-28 11:11 . 2001-11-05 12:29 53248 ----a-w- c:\windows\SCANUSDP.DLL

    2009-05-28 11:11 . 2000-07-25 16:32 217134 ----a-w- c:\windows\Stiaspi.dll

    2009-05-28 11:11 . 1999-11-11 15:39 49628 ----a-w- c:\windows\system32\drivers\EPPSCSI.SYS

    2009-05-28 11:11 . 1999-08-25 10:55 66560 ----a-w- c:\windows\system32\WNASPI32.DLL

    2009-05-28 11:11 . 1998-12-10 09:22 57856 ----a-w- c:\windows\osr2aspi.dll

    2009-05-28 11:11 . 2001-11-23 14:27 151552 ----a-w- c:\windows\UnUSBDrv.exe

    2009-05-28 11:11 . 2001-11-23 14:27 147456 ----a-w- c:\windows\CHECKING.DLL

    2009-05-28 11:10 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

    2009-05-27 22:33 . 2009-05-27 22:33 -------- d-----w- C:\Mask Surf

    2009-05-25 20:37 . 2009-02-10 02:00 5234408 ----a-w- c:\documents and settings\Hamza\Application Data\BSD Concept\Heredis10\Arbre3D.exe

    2009-05-25 20:37 . 2009-02-10 02:00 572928 ----a-w- c:\documents and settings\Hamza\Application Data\BSD Concept\Heredis10\HTML\h8html.exe

    2009-05-25 20:36 . 2009-05-25 20:36 -------- d-s---w- c:\documents and settings\LocalService\Favoris

    2009-05-25 20:34 . 2009-05-25 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\BSD

    2009-05-25 20:33 . 2009-05-25 20:34 -------- d-----w- c:\documents and settings\Hamza\Application Data\BSD Concept

    2009-05-25 19:58 . 2009-05-25 20:34 -------- d-----w- c:\program files\WinAncetre

    2009-05-25 19:55 . 2009-05-25 19:58 -------- d-----w- c:\documents and settings\Hamza\Local Settings\Application Data\Deployment

    2009-05-25 19:23 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe

    2009-05-25 19:21 . 2009-05-30 00:32 -------- d-----w- c:\program files\BSD Concept

    2009-05-19 22:34 . 2009-05-19 22:34 8854 ----a-r- c:\documents and settings\Hamza\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe

    2009-05-19 22:34 . 2009-05-19 22:34 40960 ----a-r- c:\documents and settings\Hamza\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe

    2009-05-19 22:34 . 2009-05-19 22:34 40960 ----a-r- c:\documents and settings\Hamza\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe

    2009-05-18 20:26 . 2009-05-18 20:26 152576 ----a-w- c:\documents and settings\Hamza\Application Data\Sun\Java\jre1.6.0_13\lzma.dll

    2009-05-16 18:54 . 2009-05-16 18:54 -------- d-----w- c:\program files\Pidgin

    2009-05-12 16:18 . 2009-05-12 16:19 -------- d-----w- c:\program files\Fajr Caller

    2009-05-12 16:18 . 1998-10-01 13:22 299520 ----a-w- c:\windows\uninst.exe

    2009-05-11 01:21 . 2009-05-11 01:21 -------- d-----w- c:\program files\CHRYOPROD

    2009-05-10 23:27 . 2009-05-10 23:27 -------- d-----w- c:\documents and settings\Hamza\Application Data\Sony Corporation

    2009-05-10 23:25 . 2009-05-10 23:25 -------- d-----w- c:\program files\Fichiers communs\Sony Shared

    2009-05-10 23:25 . 2009-05-10 23:25 -------- d-----w- c:\program files\Sony

    2009-05-10 23:25 . 2009-05-10 23:25 -------- d-----w- c:\documents and settings\Hamza\Local Settings\Application Data\Downloaded Installations

    2009-05-10 00:47 . 2009-06-01 17:35 -------- d-----w- c:\program files\Agelong Tree

    2009-05-08 23:31 . 2009-05-08 23:31 -------- d-----w- c:\documents and settings\Hamza\Application Data\gtk-2.0

    2009-05-08 23:21 . 2009-05-08 23:21 1171 ----a-w- c:\documents and settings\Hamza\Application Data\.purple\certificates\x509\tls_peers\fritalk.com

    2009-05-08 23:02 . 2009-05-11 00:48 -------- d-----w- c:\documents and settings\Hamza\Application Data\.purple

    2009-05-08 22:55 . 2009-05-08 23:02 -------- d-----w- c:\program files\Aspell

    2009-05-08 22:53 . 2009-05-08 22:53 -------- d-----w- c:\program files\Fichiers communs\GTK

    2009-05-08 22:43 . 2009-05-08 22:44 -------- d-----w- c:\documents and settings\Hamza\Application Data\UseNeXT

    2009-05-08 22:43 . 2009-05-08 22:43 -------- d-----w- c:\program files\Usenet.to

    2009-05-08 20:37 . 2009-05-16 19:15 -------- d-----w- c:\documents and settings\Hamza\Application Data\mIRC

    2009-05-08 20:37 . 2009-05-16 18:57 -------- d-----w- c:\program files\mIRC

    2009-05-08 15:12 . 2009-05-17 00:32 -------- d-----w- c:\program files\GenealogyJ

    2009-05-08 15:11 . 2009-05-17 15:46 -------- d-----w- c:\documents and settings\Hamza\Application Data\GenJ

    2009-05-07 21:39 . 2009-05-07 21:39 -------- d-----w- c:\documents and settings\Hamza\Application Data\Ancestrologie

    2009-05-07 21:38 . 2009-05-17 18:52 -------- d-----w- c:\program files\Ancestrologie

    2009-05-07 20:43 . 2009-05-07 20:43 -------- d-----w- c:\program files\GenoPro

     

    .

    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-06-06 19:59 . 2008-12-01 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon

    2009-06-01 20:26 . 2009-02-04 13:41 -------- d-----w- c:\documents and settings\Hamza\Application Data\Skype

    2009-06-01 15:41 . 2009-02-04 13:45 -------- d-----w- c:\documents and settings\Hamza\Application Data\skypePM

    2009-05-27 22:04 . 2009-03-03 15:27 -------- d-----w- c:\documents and settings\Hamza\Application Data\Tor

    2009-05-27 17:21 . 2008-11-14 22:56 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys

    2009-05-26 00:37 . 2009-01-23 00:18 -------- d-----w- c:\documents and settings\Hamza\Application Data\Azureus

    2009-05-26 00:13 . 2009-05-06 01:42 664 ----a-w- c:\windows\system32\d3d9caps.dat

    2009-05-24 19:39 . 2009-01-23 00:18 -------- d-----w- c:\program files\Azureus

    2009-05-19 01:57 . 2008-11-17 21:58 -------- d-----w- c:\program files\MioNet

    2009-05-18 20:29 . 2008-11-17 15:04 -------- d-----w- c:\program files\Java

    2009-05-10 11:34 . 2002-09-07 01:00 72474 ----a-w- c:\windows\system32\perfc00C.dat

    2009-05-10 11:34 . 2002-09-07 01:00 461318 ----a-w- c:\windows\system32\perfh00C.dat

    2009-05-09 17:25 . 2009-04-17 20:27 -------- d-----w- c:\program files\bumptop

    2009-05-07 20:47 . 2009-04-18 00:21 -------- d-----w- c:\documents and settings\Hamza\Application Data\Généatique2009

    2009-05-06 17:07 . 2009-05-06 17:07 -------- d-----w- c:\documents and settings\Hamza\Application Data\Thunderbird

    2009-05-04 14:57 . 2009-04-30 13:30 -------- d-----w- c:\documents and settings\Hamza\Application Data\Apple Computer

    2009-05-01 10:10 . 2009-05-01 10:10 -------- d-----w- c:\documents and settings\Hamza\Application Data\Kasper-Key_Sharing_Networ

    2009-04-30 13:29 . 2009-04-30 13:28 -------- d-----w- c:\program files\iTunes

    2009-04-30 13:29 . 2009-04-30 13:28 -------- d-----w- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

    2009-04-30 13:28 . 2009-04-30 13:28 -------- d-----w- c:\program files\iPod

    2009-04-30 13:28 . 2009-04-30 13:26 -------- d-----w- c:\program files\Fichiers communs\Apple

    2009-04-30 13:28 . 2009-04-30 13:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

    2009-04-30 13:28 . 2008-12-02 16:09 -------- d-----w- c:\program files\Bonjour

    2009-04-30 13:28 . 2008-12-02 16:23 -------- d-----w- c:\program files\QuickTime

    2009-04-30 13:27 . 2009-04-30 13:27 -------- d-----w- c:\program files\Apple Software Update

    2009-04-30 13:26 . 2009-04-30 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

    2009-04-21 13:39 . 2009-04-30 13:32 2449344 ----a-w- c:\documents and settings\Hamza\Application Data\Mozilla\Firefox\Profiles\sack751g.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\maconfsetup.exe

    2009-04-21 13:38 . 2009-04-30 13:32 429224 ----a-w- c:\documents and settings\Hamza\Application Data\Mozilla\Firefox\Profiles\sack751g.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll

    2009-04-20 18:37 . 2009-04-20 01:41 -------- d-----w- c:\documents and settings\All Users\Application Data\MyHeritage

    2009-04-20 01:45 . 2009-04-20 01:40 -------- d-----w- c:\program files\MyHeritage

    2009-04-20 01:41 . 2009-04-20 01:41 -------- d-----w- c:\documents and settings\Hamza\Application Data\MyHeritage

    2009-04-20 01:40 . 2009-04-20 01:40 -------- d-----w- c:\documents and settings\Hamza\Application Data\The Complete Genealogy Reporter - FTB

    2009-04-18 16:07 . 2008-11-14 22:17 81072 ----a-w- c:\documents and settings\Hamza\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

    2009-04-18 00:21 . 2009-04-18 00:19 -------- d-----w- c:\program files\Geneatique2009

    2009-04-18 00:20 . 2009-04-18 00:20 -------- d-----w- c:\program files\Tracker Software

    2009-04-17 21:03 . 2008-12-01 14:53 -------- d-----w- c:\documents and settings\Hamza\Application Data\Babylon

    2009-04-17 20:47 . 2009-04-17 19:44 -------- d-----w- c:\program files\Sensiva

    2009-04-17 20:30 . 2009-04-17 20:30 -------- d-----w- c:\documents and settings\Hamza\Application Data\Bump Technologies, Inc

    2009-04-15 21:23 . 2009-04-15 21:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!

    2009-04-15 21:14 . 2009-04-15 21:14 -------- d-----w- c:\program files\Messenger Plus! Live

    2009-04-08 21:07 . 2009-04-08 21:07 -------- d-----w- c:\program files\Fichiers communs\snpstd

    2009-04-08 21:07 . 2008-11-14 21:32 -------- d--h--w- c:\program files\InstallShield Installation Information

    2009-04-08 20:57 . 2008-11-14 22:20 -------- d-----w- c:\program files\ma-config.com

    2009-04-08 20:57 . 2008-11-14 22:20 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com

    2009-04-01 04:27 . 2008-11-16 22:54 499712 ----a-w- c:\windows\system32\msvcp71.dll

    2009-03-09 03:19 . 2008-11-17 15:04 410984 ----a-w- c:\windows\system32\deploytk.dll

    2009-03-28 09:14 . 2009-03-28 09:14 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    .

     

    ((((((((((((((((((((((((((((( SnapShot@2009-05-30_17.07.33 )))))))))))))))))))))))))))))))))))))))))

    .

    + 2009-06-06 19:58 . 2009-06-06 19:58 16384 c:\windows\Temp\Perflib_Perfdata_250.dat

    + 2008-11-14 21:24 . 2009-06-06 15:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

    - 2008-11-14 21:24 . 2009-05-30 17:04 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

    + 2008-11-14 21:24 . 2009-06-06 15:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat

    - 2008-11-14 21:24 . 2009-05-30 17:04 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat

    + 2008-11-14 21:24 . 2009-06-06 15:32 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

    - 2008-11-14 21:24 . 2009-05-30 17:04 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    REGEDIT4

     

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]

    "BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]

    "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]

    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]

    "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]

    "UpdateManager"="c:\program files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]

    "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2007-12-06 3032800]

    "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]

    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-28 30192]

    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-04-01 198160]

    "snpstd"="c:\windows\vsnpstd.exe" [2003-12-31 40960]

    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]

    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]

    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-07-23 16804864]

    "SoundMan"="SOUNDMAN.EXE" - c:\windows\SoundMan.exe [2008-06-18 77824]

    "AlcWzrd"="ALCWZRD.EXE" - c:\windows\alcwzrd.exe [2008-06-19 2808832]

    "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

     

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

     

    c:\documents and settings\Hamza\Menu Démarrer\Programmes\Démarrage\

    Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]

     

    c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\

    DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-11-15 962661]

    Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]

     

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

     

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\Azureus\\Azureus.exe"=

    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

    "c:\\Program Files\\Conference\\Conference.dll"=

    "c:\\Program Files\\Mask Surf Pro\\masksurf.exe"=

    "c:\\Program Files\\Mask Surf Pro\\Tor\\tor.exe"=

    "c:\\wamp\\bin\\apache\\apache2.2.6\\bin\\httpd.exe"=

    "c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

    "c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=

    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    "c:\\WINDOWS\\system32\\javaw.exe"=

    "c:\\Program Files\\mIRC\\mirc.exe"=

    "c:\\Program Files\\Garena\\Garena.exe"=

    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

     

    R0 AFPAnsi;Alfa File Protector Ansi;c:\windows\system32\drivers\AFPAnsi.sys [11/01/2009 01:27 43936]

    R1 EPPSCSIx;EPPSCSIx;c:\windows\system32\drivers\EPPSCSI.SYS [28/05/2009 13:11 49628]

    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [13/01/2009 20:53 55136]

    R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]

    R2 MioNet;MioNet Service;c:\program files\MioNet\MioNetManager.exe [15/07/2005 22:38 139264]

    S2 gupdate1c9b281b7b4ce98;Service Google Update (gupdate1c9b281b7b4ce98);c:\program files\Google\Update\GoogleUpdate.exe [01/04/2009 06:24 133104]

    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [28/03/2009 11:13 30192]

    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/03/2009 09:34 216232]

     

    --- Autres Services/Pilotes en mémoire ---

     

    *Deregistered* - NDISRD

    .

    Contenu du dossier 'Tâches planifiées'

     

    2009-05-20 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

     

    2009-06-06 c:\windows\Tasks\GoogleUpdateTaskMachine.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 04:24]

    .

    .

    ------- Examen supplémentaire -------

    .

    uStart Page = hxxp://search.myheritage.com

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

    IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

    IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

    FF - ProfilePath - c:\documents and settings\Hamza\Application Data\Mozilla\Firefox\Profiles\sack751g.default\

    FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=

    FF - prefs.js: browser.search.selectedEngine - MyHeritage Search

    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/

    FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=

    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll

    FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

    FF - plugin: c:\documents and settings\Hamza\Application Data\Mozilla\Firefox\Profiles\sack751g.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll

    FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll

    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

     

    ---- PARAMETRES FIREFOX ----

    0.

     

    **************************************************************************

     

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-06-06 21:58

    Windows 5.1.2600 Service Pack 3 NTFS

     

    Recherche de processus cachés ...

     

    Recherche d'éléments en démarrage automatique cachés ...

     

    Recherche de fichiers cachés ...

     

    Scan terminé avec succès

    Fichiers cachés: 0

     

    **************************************************************************

    .

    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

     

    [HKEY_USERS\S-1-5-21-842925246-57989841-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{45236B3C-22A5-D6AC-2E05-316CD8E41CBB}*]

    @Allowed: (Read) (RestrictedCode)

    @Allowed: (Read) (RestrictedCode)

    "paieoogdjbajefhneccdopkbkhpakbic"=hex:6a,61,62,70,69,69,63,68,66,70,66,66,6d,

    6e,6a,64,6e,62,6e,6f,00,80

    "oagdeobbaocihkldjedlhmfbpchmim"=hex:6a,61,6e,70,6d,6f,63,6a,62,63,63,6b,62,6e,

    68,6d,69,63,6f,65,00,80

     

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]

    "C040710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

    .

    --------------------- DLLs chargées dans les processus actifs ---------------------

     

    - - - - - - - > 'explorer.exe'(4024)

    c:\windows\system32\eappprxy.dll

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\PortableDeviceTypes.dll

    c:\windows\system32\PortableDeviceApi.dll

    .

    ------------------------ Autres processus actifs ------------------------

    .

    c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe

    c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe

    c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    c:\program files\Bonjour\mDNSResponder.exe

    c:\program files\Java\jre6\bin\jqs.exe

    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    c:\program files\MioNet\jvm\bin\MioNet.exe

    c:\windows\system32\wbem\wmiapsrv.exe

    c:\windows\system32\rundll32.exe

    c:\program files\iPod\bin\iPodService.exe

    c:\windows\system32\wscntfy.exe

    c:\windows\system32\rundll32.exe

    .

    **************************************************************************

    .

    Heure de fin: 2009-06-06 22:07 - La machine a redémarré

    ComboFix-quarantined-files.txt 2009-06-06 20:07

    ComboFix2.txt 2009-06-01 16:56

    ComboFix3.txt 2009-05-30 17:13

     

    Avant-CF: 574 423 040 octets libres

    Après-CF: 942 813 184 octets libres

     

    283 --- E O F --- 2009-05-28 00:02

  12. Logfile of random's system information tool 1.06 (written by random/random)

    Run by Hamza at 2009-06-06 18:06:10

    Microsoft Windows XP Professionnel Service Pack 3

    System drive C: has 575 MB (1%) free of 38 GB

    Total RAM: 1015 MB (36% free)

     

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 18:06:18, on 06/06/2009

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

    Boot mode: Normal

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Windows Live\Family Safety\fsssvc.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\WINDOWS\system32\msupdtrsvc.exe

    C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\Program Files\MioNet\MioNetManager.exe

    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\MioNet\jvm\bin\MioNet.exe

    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\WINDOWS\RTHDCPL.EXE

    C:\WINDOWS\SOUNDMAN.EXE

    C:\WINDOWS\VM_STI.EXE

    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

    C:\WINDOWS\system32\dla\tfswctrl.exe

    C:\Program Files\Babylon\Babylon-Pro\Babylon.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\Program Files\Windows Live\Family Safety\fsui.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

    C:\WINDOWS\vsnpstd.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Java\jre6\bin\jusched.exe

    C:\Program Files\Messenger\msmsgs.exe

    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

    C:\Program Files\iPod\bin\iPodService.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\Windows Live\Contacts\wlcomm.exe

    C:\Program Files\Fichiers communs\Adobe\Updater6\Adobe_Updater.exe

    c:\program files\internet explorer\iexplore.exe

    C:\Documents and Settings\Hamza\Bureau\RSIT.exe

    C:\Program Files\Trend Micro\HijackThis\Hamza.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll

    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll

    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

    O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll

    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

    O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera

    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

    O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r

    O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart

    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

    O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_3_5.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1A313D-40F0-4E5D-8AE2-181D199EE1BD}: NameServer = 208.67.222.222 41.221.20.4

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

    O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Service Google Update (gupdate1c9b281b7b4ce98) (gupdate1c9b281b7b4ce98) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

    O23 - Service: Microsoft Update Remote Service (MicrosoftUpdateRemoteService) - Unknown owner - C:\WINDOWS\system32\msupdtrsvc.exe

    O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe

    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe

    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

     

    --

    End of file - 12696 bytes

     

    ======Scheduled tasks folder======

     

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

     

    ======Registry dump======

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]

    ContributeBHO Class - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-04-01 312928]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]

    Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2009-02-06 73072]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]

    DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-08-13 118842]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

    SmartSelect Class - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

    {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - Babylon - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll [2007-12-18 267488]

    {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27 118784]

    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

     

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-01-13 131072]

    "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]

    "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]

    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]

    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]

    "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]

    "BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]

    "Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

    "Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

    "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-08-13 122939]

    "UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2004-01-07 110592]

    "Babylon Client"=C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [2007-12-06 3032800]

    "Adobe_ID0EYTHM"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

    "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

    "fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000]

    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-03-28 30192]

    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-04-01 198160]

    "snpstd"=C:\WINDOWS\vsnpstd.exe [2003-12-31 40960]

    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

     

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sensiva]

    C:\Program Files\Sensiva\Sensiva.exe [2001-12-21 1245184]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

    C:\Program Files\Skype\Phone\Skype.exe [2008-02-01 21898024]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]

    C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe [2008-11-10 9017648]

     

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

    Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

     

    C:\Documents and Settings\Hamza\Menu Démarrer\Programmes\Démarrage

    Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

    C:\WINDOWS\system32\igfxdev.dll [2007-01-13 204800]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

     

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

     

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoDriveTypeAutoRun"=323

    "NoDriveAutoRun"=67108863

    "HonorAutoRunSetting"=1

    "NoDrives"=0

     

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "HonorAutoRunSetting"=

    "NoDriveAutoRun"=

    "NoDriveTypeAutoRun"=

    "NoDrives"=

     

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"

    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    "C:\Program Files\Conference\Conference.dll"="C:\Program Files\Conference\Conference.dll:*:Enabled:Audio/Video Conference"

    "C:\Program Files\Mask Surf Pro\masksurf.exe"="C:\Program Files\Mask Surf Pro\masksurf.exe:*:Enabled:Mask Surf Pro"

    "C:\Program Files\Mask Surf Pro\Tor\tor.exe"="C:\Program Files\Mask Surf Pro\Tor\tor.exe:*:Enabled:Tor"

    "C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe"="C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe:*:Enabled:Apache HTTP Server"

    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary"

    "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"

    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

    "C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java Platform SE binary"

    "C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"

    "C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"

    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

     

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

     

    ======File associations======

     

    .js - open - "E:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

     

    ======List of files/folders created in the last 2 months======

     

    2009-06-01 19:26:07 ----SHD---- C:\RECYCLER

    2009-06-01 18:56:12 ----A---- C:\ComboFix.txt

    2009-05-30 18:50:08 ----A---- C:\Boot.bak

    2009-05-30 18:50:05 ----RASHD---- C:\cmdcons

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\zip.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\SWXCACLS.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\SWSC.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\SWREG.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\sed.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\PEV.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\NIRCMD.exe

    2009-05-30 18:45:59 ----A---- C:\WINDOWS\grep.exe

    2009-05-30 18:45:53 ----D---- C:\WINDOWS\ERDNT

    2009-05-30 18:44:24 ----D---- C:\Qoobox

    2009-05-30 18:32:04 ----A---- C:\WINDOWS\system32\tmp.txt

    2009-05-30 18:31:59 ----A---- C:\rapport.txt

    2009-05-30 17:56:58 ----RASHD---- C:\autorun.inf

    2009-05-30 17:53:47 ----A---- C:\UsbFix.txt

    2009-05-30 17:44:16 ----D---- C:\UsbFix

    2009-05-30 17:10:12 ----D---- C:\rsit

    2009-05-28 21:42:19 ----D---- C:\Program Files\Garena

    2009-05-28 13:13:22 ----D---- C:\WINDOWS\system32\Color

    2009-05-28 13:11:06 ----D---- C:\WINDOWS\usbbin

    2009-05-28 13:11:05 ----A---- C:\WINDOWS\system32\WNASPI32.DLL

    2009-05-28 13:11:05 ----A---- C:\WINDOWS\Stiaspi.dll

    2009-05-28 13:11:05 ----A---- C:\WINDOWS\SCANUSDP.DLL

    2009-05-28 13:11:05 ----A---- C:\WINDOWS\osr2aspi.dll

    2009-05-28 13:11:04 ----A---- C:\WINDOWS\UnUSBDrv.exe

    2009-05-28 13:11:04 ----A---- C:\WINDOWS\CHECKING.DLL

    2009-05-28 13:10:51 ----A---- C:\WINDOWS\IsUninst.exe

    2009-05-28 02:02:22 ----SHD---- C:\Config.Msi

    2009-05-28 00:33:32 ----D---- C:\Mask Surf

    2009-05-25 22:36:12 ----A---- C:\WINDOWS\system32\msupdtrsvc.exe

    2009-05-25 22:34:42 ----D---- C:\Documents and Settings\All Users\Application Data\BSD

    2009-05-25 22:33:47 ----D---- C:\Documents and Settings\Hamza\Application Data\BSD Concept

    2009-05-25 21:58:21 ----D---- C:\Program Files\WinAncetre

    2009-05-25 21:23:05 ----A---- C:\WINDOWS\unvise32.exe

    2009-05-25 21:21:49 ----D---- C:\Program Files\BSD Concept

    2009-05-18 22:29:36 ----A---- C:\WINDOWS\system32\javaws.exe

    2009-05-18 22:29:36 ----A---- C:\WINDOWS\system32\javaw.exe

    2009-05-18 22:29:36 ----A---- C:\WINDOWS\system32\java.exe

    2009-05-16 20:54:37 ----D---- C:\Program Files\Pidgin

    2009-05-12 18:18:57 ----D---- C:\Program Files\Fajr Caller

    2009-05-12 18:18:44 ----A---- C:\WINDOWS\uninst.exe

    2009-05-11 03:21:37 ----D---- C:\Program Files\CHRYOPROD

    2009-05-11 01:27:23 ----D---- C:\Documents and Settings\Hamza\Application Data\Sony Corporation

    2009-05-11 01:25:39 ----D---- C:\Program Files\Fichiers communs\Sony Shared

    2009-05-11 01:25:38 ----D---- C:\Program Files\Sony

    2009-05-10 02:47:20 ----D---- C:\Program Files\Agelong Tree

    2009-05-09 01:31:48 ----D---- C:\Documents and Settings\Hamza\Application Data\gtk-2.0

    2009-05-09 01:02:49 ----D---- C:\Documents and Settings\Hamza\Application Data\.purple

    2009-05-09 00:55:29 ----D---- C:\Program Files\Aspell

    2009-05-09 00:53:44 ----D---- C:\Program Files\Fichiers communs\GTK

    2009-05-09 00:43:46 ----D---- C:\Documents and Settings\Hamza\Application Data\UseNeXT

    2009-05-09 00:43:38 ----D---- C:\Program Files\Usenet.to

    2009-05-08 22:37:09 ----D---- C:\Documents and Settings\Hamza\Application Data\mIRC

    2009-05-08 22:37:08 ----D---- C:\Program Files\mIRC

    2009-05-08 17:12:48 ----D---- C:\Program Files\GenealogyJ

    2009-05-08 17:11:59 ----D---- C:\Documents and Settings\Hamza\Application Data\GenJ

    2009-05-07 23:39:04 ----D---- C:\Documents and Settings\Hamza\Application Data\Ancestrologie

    2009-05-07 23:38:51 ----D---- C:\Program Files\Ancestrologie

    2009-05-07 22:43:16 ----D---- C:\Program Files\GenoPro

    2009-05-06 19:07:15 ----D---- C:\Documents and Settings\Hamza\Application Data\Thunderbird

    2009-05-06 03:20:51 ----A---- C:\WINDOWS\avisplitter.INI

    2009-05-01 12:10:22 ----D---- C:\Documents and Settings\Hamza\Application Data\Kasper-Key_Sharing_Networ

    2009-04-30 15:30:11 ----D---- C:\Documents and Settings\Hamza\Application Data\Apple Computer

    2009-04-30 15:29:27 ----A---- C:\WINDOWS\system32\GEARAspi.dll

    2009-04-30 15:28:55 ----D---- C:\Program Files\iPod

    2009-04-30 15:28:51 ----D---- C:\Program Files\iTunes

    2009-04-30 15:28:51 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

    2009-04-30 15:27:27 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

    2009-04-30 15:27:11 ----D---- C:\Program Files\Apple Software Update

    2009-04-30 15:26:44 ----D---- C:\Program Files\Fichiers communs\Apple

    2009-04-30 15:26:43 ----D---- C:\Documents and Settings\All Users\Application Data\Apple

    2009-04-29 20:29:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$

    2009-04-29 01:53:27 ----D---- C:\hellsing

    2009-04-20 03:43:16 ----A---- C:\WINDOWS\MyHeritage.INI

    2009-04-20 03:41:14 ----D---- C:\Documents and Settings\Hamza\Application Data\MyHeritage

    2009-04-20 03:41:14 ----D---- C:\Documents and Settings\All Users\Application Data\MyHeritage

    2009-04-20 03:40:52 ----A---- C:\WINDOWS\system32\PaintX.dll

    2009-04-20 03:40:49 ----D---- C:\Documents and Settings\Hamza\Application Data\The Complete Genealogy Reporter - FTB

    2009-04-20 03:40:21 ----D---- C:\Program Files\MyHeritage

    2009-04-18 18:11:23 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

    2009-04-18 18:11:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$

    2009-04-18 18:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

    2009-04-18 18:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$

    2009-04-18 02:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

    2009-04-18 02:21:53 ----D---- C:\Documents and Settings\Hamza\Application Data\Généatique2009

    2009-04-18 02:20:50 ----A---- C:\WINDOWS\system32\pxc25pm.dll

    2009-04-18 02:20:46 ----D---- C:\Program Files\Tracker Software

    2009-04-18 02:20:26 ----A---- C:\WINDOWS\system32\OC30.DLL

    2009-04-18 02:20:25 ----A---- C:\WINDOWS\system32\PCDLIB32.DLL

    2009-04-18 02:20:25 ----A---- C:\WINDOWS\system32\imgman31.dll

    2009-04-18 02:20:24 ----A---- C:\WINDOWS\system32\H5TOOL32.DLL

    2009-04-18 02:20:24 ----A---- C:\WINDOWS\system32\H5RTF32.DLL

    2009-04-18 02:20:24 ----A---- C:\WINDOWS\system32\H5MENU32.DLL

    2009-04-18 02:20:24 ----A---- C:\WINDOWS\system32\H5KRNL32.DLL

    2009-04-18 02:20:24 ----A---- C:\WINDOWS\system32\H5ICON32.DLL

    2009-04-18 02:20:24 ----A---- C:\WINDOWS\system32\H5DLG32.DLL

    2009-04-18 02:19:20 ----A---- C:\WINDOWS\system32\stlpmt45.dll

    2009-04-18 02:19:19 ----A---- C:\WINDOWS\system32\MFCANS32.DLL

    2009-04-18 02:19:19 ----A---- C:\WINDOWS\system32\LPNG.DLL

    2009-04-18 02:19:19 ----A---- C:\WINDOWS\system32\DragExt.dll

    2009-04-18 02:19:18 ----A---- C:\WINDOWS\system32\cc3260mt.dll

    2009-04-18 02:19:18 ----A---- C:\WINDOWS\system32\cc3250mt.dll

    2009-04-18 02:19:18 ----A---- C:\WINDOWS\system32\borlndmm.dll

    2009-04-18 02:19:00 ----D---- C:\Program Files\Geneatique2009

    2009-04-17 22:30:09 ----D---- C:\Documents and Settings\Hamza\Application Data\Bump Technologies, Inc

    2009-04-17 22:27:06 ----D---- C:\Program Files\bumptop

    2009-04-17 21:44:03 ----A---- C:\WINDOWS\svae_unst.exe

    2009-04-17 21:44:01 ----D---- C:\Program Files\Sensiva

    2009-04-17 02:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

    2009-04-17 02:19:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

    2009-04-15 23:23:13 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!

    2009-04-15 23:14:28 ----D---- C:\Program Files\Messenger Plus! Live

    2009-04-08 23:07:55 ----A---- C:\WINDOWS\vsnpstd.exe

    2009-04-08 23:07:55 ----A---- C:\WINDOWS\system32\unicows.dll

    2009-04-08 23:07:55 ----A---- C:\WINDOWS\system32\dsnpstd.dll

    2009-04-08 23:07:55 ----A---- C:\WINDOWS\snpstd.ini

    2009-04-08 23:07:50 ----A---- C:\WINDOWS\system32\vsnpstd.dll

    2009-04-08 23:07:50 ----A---- C:\WINDOWS\system32\rsnpstd.dll

    2009-04-08 23:07:50 ----A---- C:\WINDOWS\system32\csnpstd.dll

    2009-04-08 23:07:47 ----D---- C:\Program Files\Fichiers communs\snpstd

    2009-04-08 23:07:47 ----A---- C:\WINDOWS\usnpstd.exe

     

    ======List of files/folders modified in the last 2 months======

     

    2009-06-06 18:06:17 ----D---- C:\WINDOWS\Prefetch

    2009-06-06 18:06:00 ----D---- C:\WINDOWS\Temp

    2009-06-06 17:44:05 ----D---- C:\Program Files\Mozilla Firefox

    2009-06-06 17:33:15 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon

    2009-06-06 03:04:51 ----A---- C:\WINDOWS\SchedLgU.Txt

    2009-06-05 21:20:28 ----A---- C:\WINDOWS\NeroDigital.ini

    2009-06-05 18:36:22 ----D---- C:\WINDOWS

    2009-06-03 00:18:15 ----D---- C:\WINDOWS\system32\CatRoot2

    2009-06-02 01:24:50 ----D---- C:\Documents and Settings\Hamza\Application Data\Adobe

    2009-06-01 22:26:55 ----D---- C:\Documents and Settings\Hamza\Application Data\Skype

    2009-06-01 18:56:22 ----D---- C:\WINDOWS\system32

    2009-06-01 18:48:42 ----A---- C:\WINDOWS\system.ini

    2009-06-01 18:40:26 ----D---- C:\WINDOWS\system32\drivers

    2009-06-01 18:40:26 ----D---- C:\WINDOWS\AppPatch

    2009-06-01 18:40:20 ----D---- C:\Program Files\Fichiers communs

    2009-06-01 18:35:58 ----SD---- C:\WINDOWS\Tasks

    2009-06-01 17:41:11 ----D---- C:\Documents and Settings\Hamza\Application Data\skypePM

    2009-05-30 19:02:41 ----D---- C:\WINDOWS\system32\config

    2009-05-30 18:50:08 ----RASH---- C:\boot.ini

    2009-05-29 23:24:14 ----D---- C:\WINDOWS\Minidump

    2009-05-29 10:12:07 ----HD---- C:\WINDOWS\inf

    2009-05-28 21:42:19 ----RD---- C:\Program Files

    2009-05-28 13:11:04 ----D---- C:\WINDOWS\twain_32

    2009-05-28 02:02:26 ----SHD---- C:\WINDOWS\Installer

    2009-05-28 01:09:02 ----D---- C:\WINDOWS\Debug

    2009-05-28 00:04:45 ----D---- C:\Documents and Settings\Hamza\Application Data\Tor

    2009-05-26 02:37:20 ----D---- C:\Documents and Settings\Hamza\Application Data\Azureus

    2009-05-24 21:39:39 ----D---- C:\Program Files\Azureus

    2009-05-21 21:07:47 ----D---- C:\Documents and Settings

    2009-05-19 03:57:32 ----D---- C:\Program Files\MioNet

    2009-05-18 22:29:33 ----D---- C:\Program Files\Java

    2009-05-11 02:06:51 ----SD---- C:\Documents and Settings\Hamza\Application Data\Microsoft

    2009-05-11 01:25:38 ----D---- C:\WINDOWS\WinSxS

    2009-05-10 13:34:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

    2009-05-09 23:31:51 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

    2009-05-07 09:16:29 ----A---- C:\WINDOWS\system32\MRT.exe

    2009-05-05 17:17:39 ----A---- C:\WINDOWS\PhotoSnapViewer.INI

    2009-04-30 15:29:27 ----DC---- C:\WINDOWS\system32\DRVSTORE

    2009-04-30 15:28:34 ----D---- C:\Program Files\Bonjour

    2009-04-30 15:28:00 ----D---- C:\Program Files\QuickTime

    2009-04-29 20:29:58 ----RSHDC---- C:\WINDOWS\system32\dllcache

    2009-04-29 17:23:44 ----HD---- C:\WINDOWS\$hf_mig$

    2009-04-24 22:38:45 ----D---- C:\WINDOWS\system32\wbem

    2009-04-18 18:10:23 ----D---- C:\WINDOWS\system32\CatRoot

    2009-04-18 02:20:20 ----RSD---- C:\WINDOWS\Fonts

    2009-04-17 23:03:33 ----D---- C:\Documents and Settings\Hamza\Application Data\Babylon

    2009-04-17 02:18:56 ----A---- C:\WINDOWS\win.ini

    2009-04-08 23:07:42 ----HD---- C:\Program Files\InstallShield Installation Information

    2009-04-08 22:57:37 ----D---- C:\Program Files\ma-config.com

    2009-04-08 22:57:37 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com

     

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

     

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-27 75096]

    R1 EPPSCSIx;EPPSCSIx; C:\WINDOWS\System32\drivers\EPPSCSI.SYS [1999-11-11 49628]

    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

    R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]

    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

    R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]

    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]

    R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-08-13 40544]

    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]

    R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-08-13 25723]

    R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-08-13 34843]

    R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-08-13 4123]

    R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-08-13 2271]

    R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-08-13 86202]

    R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-08-13 14715]

    R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-08-13 6363]

    R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-08-13 98714]

    R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-08-13 100603]

    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]

    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-01-13 5672032]

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]

    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-11-15 115328]

    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

    R3 ZSMC301b;Philips SPC 200NC PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527]

    S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]

    S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-03-02 127065]

    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]

    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]

    S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]

    S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]

    S3 catchme;catchme; \??\C:\DOCUME~1\Hamza\LOCALS~1\Temp\catchme.sys []

    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]

    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

    S3 snpstd;USB PC Camera (SN9C102); C:\WINDOWS\system32\DRIVERS\snpstd.sys [2004-03-22 301824]

    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]

    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]

    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]

    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

    S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []

    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

     

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

     

    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]

    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    R2 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]

    R2 MicrosoftUpdateRemoteService;Microsoft Update Remote Service; C:\WINDOWS\system32\msupdtrsvc.exe [2009-05-25 428365]

    R2 MioNet;MioNet Service; C:\Program Files\MioNet\MioNetManager.exe [2005-07-15 139264]

    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]

    S2 gupdate1c9b281b7b4ce98;Service Google Update (gupdate1c9b281b7b4ce98); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-01 133104]

    S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-24 651720]

    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-03-28 30192]

    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]

    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe [2007-09-05 24635]

    S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [2007-07-06 5730304]

    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

     

    -----------------EOF-----------------

  13. Hello Gof :P & thanks for your welcome.

     

    Here is the VirusTotal result:

    ------------------------------------

    Fichier msupdtrsvc.exe.vir reçu le 2009.06.06 15:56:56 (UTC)

    Antivirus Version Dernière mise à jour Résultat

    a-squared 4.0.0.101 2009.06.04 -

    AhnLab-V3 5.0.0.2 2009.06.05 -

    AntiVir 7.9.0.180 2009.06.06 -

    Antiy-AVL 2.0.3.1 2009.06.05 -

    Authentium 5.1.2.4 2009.06.05 -

    Avast 4.8.1335.0 2009.06.05 -

    AVG 8.5.0.339 2009.06.06 -

    BitDefender 7.2 2009.06.06 -

    CAT-QuickHeal 10.00 2009.06.06 -

    ClamAV 0.94.1 2009.06.06 -

    Comodo 1272 2009.06.06 -

    DrWeb 5.0.0.12182 2009.06.06 -

    eSafe 7.0.17.0 2009.06.04 -

    eTrust-Vet 31.6.6542 2009.06.05 -

    F-Prot 4.4.4.56 2009.06.05 -

    F-Secure 8.0.14470.0 2009.06.05 -

    Fortinet 3.117.0.0 2009.06.06 -

    GData 19 2009.06.06 -

    Ikarus T3.1.1.59.0 2009.06.06 -

    K7AntiVirus 7.10.754 2009.06.04 -

    Kaspersky 7.0.0.125 2009.06.06 -

    McAfee 5637 2009.06.05 -

    McAfee+Artemis 5637 2009.06.05 -

    McAfee-GW-Edition 6.7.6 2009.06.06 -

    Microsoft 1.4701 2009.06.06 -

    NOD32 4135 2009.06.06 -

    Norman 6.01.09 2009.06.05 -

    nProtect 2009.1.8.0 2009.06.06 -

    Panda 10.0.0.14 2009.06.06 -

    PCTools 4.4.2.0 2009.06.06 -

    Prevx 3.0 2009.06.06 -

    Rising 21.32.52.00 2009.06.06 -

    Sophos 4.42.0 2009.06.06 -

    Sunbelt 3.2.1858.2 2009.06.06 -

    Symantec 1.4.4.12 2009.06.06 -

    TheHacker 6.3.4.3.340 2009.06.05 -

    TrendMicro 8.950.0.1092 2009.06.06 -

    VBA32 3.12.10.6 2009.06.06 -

    ViRobot 2009.6.5.1771 2009.06.05 -

    VirusBuster 4.6.5.0 2009.06.06 -

    Information additionnelle

    File size: 428365 bytes

    MD5...: 01cee679f273938bbb4cde61a5dee48a

    SHA1..: 50a0acc9cafbd139618bb3729ad35e5c6a41c7c0

    SHA256: b10d1d30494d680f1f74a5cca3232b142bec5d9ffbfcf13b3c0f95333fea6df5

    ssdeep: -

    PEiD..: -

    TrID..: File type identification

    Win32 Executable Borland Delphi 7 (69.1%)

    Win32 Executable Borland Delphi 6 (27.0%)

    Win32 Executable Delphi generic (1.5%)

    Win32 Executable Generic (0.8%)

    Win32 Dynamic Link Library (generic) (0.7%)

    PEInfo: PE Structure information

    ( base data )

    entrypointaddress.: 0x56f44

    timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)

    machinetype.......: 0x14c (I386)

    ( 8 sections )

    name viradd virsiz rawdsiz ntrpy md5

    CODE 0x1000 0x55f8c 0x56000 6.53 f7a31828369075214a8a79c4bd4d620f

    DATA 0x57000 0x1278 0x1400 3.93 01f68471e91e5bf8626a22a304ae56fc

    BSS 0x59000 0xc1d 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

    .idata 0x5a000 0x23f0 0x2400 5.05 12a8c6befc66fafe9f47e34d4e8be33f

    .tls 0x5d000 0x10 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

    .rdata 0x5e000 0x18 0x200 0.20 8ce3ae5053503c6a34a184caaadf29a3

    .reloc 0x5f000 0x62b4 0x6400 6.65 c5b7bc3573be46a6de759ec4350dbcf5

    .rsrc 0x66000 0x6000 0x6000 4.10 3a6e7c07f41485d549169b392d4db8cf

    ( 14 imports )

    > kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle

    > user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA

    > advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey

    > oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen

    > kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA

    > advapi32.dll: ReportEventA, RegisterEventSourceA, RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegCloseKey, DeregisterEventSource

    > kernel32.dll: lstrcpyA, WriteFile, WaitForSingleObject, VirtualQuery, VirtualAlloc, TerminateProcess, SuspendThread, Sleep, SizeofResource, SetThreadLocale, SetFilePointer, SetEvent, SetErrorMode, SetEndOfFile, ResumeThread, ResetEvent, ReadFile, MulDiv, LockResource, LoadResource, LoadLibraryA, LeaveCriticalSection, InitializeCriticalSection, GlobalUnlock, GlobalReAlloc, GlobalHandle, GlobalLock, GlobalFree, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetVersionExA, GetVersion, GetTickCount, GetThreadLocale, GetSystemInfo, GetStringTypeExA, GetStdHandle, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetExitCodeThread, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCurrentProcessId, GetCPInfo, GetACP, FreeResource, InterlockedIncrement, InterlockedExchange, InterlockedDecrement, FreeLibrary, FormatMessageA, FindResourceA, EnumCalendarInfoA, EnterCriticalSection, DeleteCriticalSection, CreateThread, CreateProcessA, CreateFileA, CreateEventA, CompareStringA, CloseHandle

    > version.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA

    > gdi32.dll: UnrealizeObject, StretchBlt, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, SaveDC, RestoreDC, Rectangle, RectVisible, RealizePalette, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetPixel, GetPaletteEntries, GetObjectA, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetClipBox, GetBrushOrgEx, GetBitmapBits, ExcludeClipRect, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreatePenIndirect, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, BitBlt

    > user32.dll: CreateWindowExA, WindowFromPoint, WinHelpA, WaitMessage, UpdateWindow, UnregisterClassA, UnhookWindowsHookEx, TranslateMessage, TranslateMDISysAccel, TrackPopupMenu, SystemParametersInfoA, ShowWindow, ShowScrollBar, ShowOwnedPopups, ShowCursor, SetWindowsHookExA, SetWindowPos, SetWindowPlacement, SetWindowLongA, SetTimer, SetScrollRange, SetScrollPos, SetScrollInfo, SetRect, SetPropA, SetParent, SetMenuItemInfoA, SetMenu, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetClassLongA, SetCapture, SetActiveWindow, SendMessageA, ScrollWindow, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterClipboardFormatA, RegisterClassA, RedrawWindow, PtInRect, PostThreadMessageA, PostQuitMessage, PostMessageA, PeekMessageA, OpenClipboard, OffsetRect, OemToCharA, MsgWaitForMultipleObjects, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyA, LoadStringA, LoadKeyboardLayoutA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageA, IsChild, InvalidateRect, IntersectRect, InsertMenuItemA, InsertMenuA, InflateRect, GetWindowThreadProcessId, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongA, GetWindowDC, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetSubMenu, GetScrollRange, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessageA, GetMenuStringA, GetMenuState, GetMenuItemInfoA, GetMenuItemID, GetMenuItemCount, GetMenu, GetLastActivePopup, GetKeyboardState, GetKeyboardLayoutList, GetKeyboardLayout, GetKeyState, GetKeyNameTextA, GetIconInfo, GetForegroundWindow, GetFocus, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardData, GetClientRect, GetClassNameA, GetClassInfoA, GetCapture, GetActiveWindow, FrameRect, FindWindowA, FillRect, EqualRect, EnumWindows, EnumThreadWindows, EndPaint, EnableWindow, EnableScrollBar, EnableMenuItem, EmptyClipboard, DrawTextA, DrawMenuBar, DrawIconEx, DrawIcon, DrawFrameControl, DrawEdge, DispatchMessageA, DestroyWindow, DestroyMenu, DestroyIcon, DestroyCursor, DeleteMenu, DefWindowProcA, DefMDIChildProcA, DefFrameProcA, CreatePopupMenu, CreateMenu, CreateIcon, CloseClipboard, ClientToScreen, CheckMenuItem, CallWindowProcA, CallNextHookEx, BeginPaint, CharNextA, CharLowerBuffA, CharLowerA, CharUpperBuffA, CharToOemA, AdjustWindowRectEx, ActivateKeyboardLayout

    > kernel32.dll: Sleep

    > oleaut32.dll: SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit

    > advapi32.dll: StartServiceCtrlDispatcherA, SetServiceStatus, RegisterServiceCtrlHandlerA, OpenServiceA, OpenSCManagerA, DeleteService, CreateServiceA, CloseServiceHandle

    > comctl32.dll: ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_SetDragCursorImage, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_Remove, ImageList_DrawEx, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_ReplaceIcon, ImageList_Add, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create

    ( 0 exports )

    PDFiD.: -

    RDS...: NSRL Reference Data Set

    -

     

    Antivirus Version Dernière mise à jour Résultat

    a-squared 4.0.0.101 2009.06.04 -

    AhnLab-V3 5.0.0.2 2009.06.05 -

    AntiVir 7.9.0.180 2009.06.06 -

    Antiy-AVL 2.0.3.1 2009.06.05 -

    Authentium 5.1.2.4 2009.06.05 -

    Avast 4.8.1335.0 2009.06.05 -

    AVG 8.5.0.339 2009.06.06 -

    BitDefender 7.2 2009.06.06 -

    CAT-QuickHeal 10.00 2009.06.06 -

    ClamAV 0.94.1 2009.06.06 -

    Comodo 1272 2009.06.06 -

    DrWeb 5.0.0.12182 2009.06.06 -

    eSafe 7.0.17.0 2009.06.04 -

    eTrust-Vet 31.6.6542 2009.06.05 -

    F-Prot 4.4.4.56 2009.06.05 -

    F-Secure 8.0.14470.0 2009.06.05 -

    Fortinet 3.117.0.0 2009.06.06 -

    GData 19 2009.06.06 -

    Ikarus T3.1.1.59.0 2009.06.06 -

    K7AntiVirus 7.10.754 2009.06.04 -

    Kaspersky 7.0.0.125 2009.06.06 -

    McAfee 5637 2009.06.05 -

    McAfee+Artemis 5637 2009.06.05 -

    McAfee-GW-Edition 6.7.6 2009.06.06 -

    Microsoft 1.4701 2009.06.06 -

    NOD32 4135 2009.06.06 -

    Norman 6.01.09 2009.06.05 -

    nProtect 2009.1.8.0 2009.06.06 -

    Panda 10.0.0.14 2009.06.06 -

    PCTools 4.4.2.0 2009.06.06 -

    Prevx 3.0 2009.06.06 -

    Rising 21.32.52.00 2009.06.06 -

    Sophos 4.42.0 2009.06.06 -

    Sunbelt 3.2.1858.2 2009.06.06 -

    Symantec 1.4.4.12 2009.06.06 -

    TheHacker 6.3.4.3.340 2009.06.05 -

    TrendMicro 8.950.0.1092 2009.06.06 -

    VBA32 3.12.10.6 2009.06.06 -

    ViRobot 2009.6.5.1771 2009.06.05 -

    VirusBuster 4.6.5.0 2009.06.06 -

     

    Information additionnelle

    File size: 428365 bytes

    MD5...: 01cee679f273938bbb4cde61a5dee48a

    SHA1..: 50a0acc9cafbd139618bb3729ad35e5c6a41c7c0

    SHA256: b10d1d30494d680f1f74a5cca3232b142bec5d9ffbfcf13b3c0f95333fea6df5

    ssdeep: -<br>

    PEiD..: -

    TrID..: File type identification<br>Win32 Executable Borland Delphi 7 (69.1%)<br>Win32 Executable Borland Delphi 6 (27.0%)<br>Win32 Executable Delphi generic (1.5%)<br>Win32 Executable Generic (0.8%)<br>Win32 Dynamic Link Library (generic) (0.7%)

    PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x56f44<br>timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)<br>machinetype.......: 0x14c (I386)<br><br>( 8 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>CODE 0x1000 0x55f8c 0x56000 6.53 f7a31828369075214a8a79c4bd4d620f<br>DATA 0x57000 0x1278 0x1400 3.93 01f68471e91e5bf8626a22a304ae56fc<br>BSS 0x59000 0xc1d 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.idata 0x5a000 0x23f0 0x2400 5.05 12a8c6befc66fafe9f47e34d4e8be33f<br>.tls 0x5d000 0x10 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.rdata 0x5e000 0x18 0x200 0.20 8ce3ae5053503c6a34a184caaadf29a3<br>.reloc 0x5f000 0x62b4 0x6400 6.65 c5b7bc3573be46a6de759ec4350dbcf5<br>.rsrc 0x66000 0x6000 0x6000 4.10 3a6e7c07f41485d549169b392d4db8cf<br><br>( 14 imports ) <br>> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle<br>> user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA<br>> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey<br>> oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen<br>> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA<br>> advapi32.dll: ReportEventA, RegisterEventSourceA, RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegCloseKey, DeregisterEventSource<br>> kernel32.dll: lstrcpyA, WriteFile, 

    PDFiD.: -

    RDS...: NSRL Reference Data Set
    -

  14. Hello,

    I discovered this forum after posting my problem on the CCM.net forum. They asked me to download lots of software to analyze my PC so that they could try to find the problem on my computer; unfortunately, they could not find the solution. The strange thing is that someone is claiming to be the creator of the VIRUS itself and is supposedly trying to help me, so I found that very suspicious. Here is the link: http://www.commentcamarche.net/forum/affic...raiment-bizarre

     

    Description of the virus:

    I'll be frank: I think I caught this VIRUS by downloading a "CRACK". The virus starts a very annoying sound in the background, music plus a guy speaking English; they are ads, I think, "according to the creator's words". I have not been able to remove this virus. There is also something I want to check: the guy told me which executable I have to delete, it is called C:\WINDOWS\system32\msupdtrsvc.exe. Isn't it dangerous to delete that? There you go, thank you very much, hoping that formatting is not the solution.

     

    Have a good day & thank you for the time you spend helping us
