Aller au contenu

Platzounet

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    16

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Platzounet

  1. Platzounet
    En tout cas, merci, c'est super sympa.
  2. Platzounet
    Bon, j'ai fait les dernières recommandations, je lancerai la defrag avant de me coucher. Par contre le logiciel OnClick2RestorePoint ne semble pas avoir supprimer les points de restauration antérieurs que je retrouve dans "Restauration du système" de Windows. De même Javara, j'ai pas du bien comprendre parce que à part me renvoyer sur le site de téléchargement, je ne vois pas ce qu'il a fait de plus... (si j'ai purgé les ancienne versions de Java.) Je vais potasser les liens que tu m'as mis pour la protection. J'ai chopé ça en surfant sur le net? ou quelqu'un à exécuté un exe sur mon poste? Dernière question, est-ce que de restaurer une image système réalisé il y a 6 mois aurait été efficace (je suppose que j'étais sain à l'époque, à moins que le virus n'aie un délai d'incubation)? Bonne nuit et merci encore, z'etes des héros des temps modernes!
  3. Platzounet
    Oui, ça a l'air de marcher. Il m'a tout de même afficher une fenêtre en disant que uninst.exe s'était mal installer... Encore quelques questions (si t'as pas trop sommeil): 1. C'était quoi que j'avais? ça a un nom? 2. Comment j'ai chopé ça parce que je suis en général assez prudent parano et j'ouvre pas n'importe quoi. 3. Comment tu l'as repéré (en deux mots) Bref un grand merci parce que ça fait un 'ti moment que je cherchais... et que je me sentais très mal avec un étranger chez moi.
  4. Platzounet
    Voili voilou, l'a rien trouvé: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5567 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 22/01/2011 00:02:34 mbam-log-2011-01-22 (00-02-34).txt Type d'examen: Examen rapide Elément(s) analysé(s): 164139 Temps écoulé: 1 minute(s), 14 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  5. Platzounet
    Et revoilà le nouveau combofix ComboFix 11-01-20.04 - Olivier Martin 21/01/2011 23:36:25.2.2 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.4094.2974 [GMT 1:00] Lancé depuis: c:\users\Olivier Martin\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\Olivier Martin\Desktop\CFScript.txt AV: McAfee AntiVirus et AntiSpyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee AntiVirus et AntiSpyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FILE :: "c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" "c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" "c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" "c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" "c:\program files (x86)\Java\jre6\bin\jusched.exe" "c:\program files (x86)\Skype\Phone\Skype.exe" "c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe c:\program files (x86)\DAEMON Tools Lite\DTLite.exe c:\program files (x86)\Java\jre6\bin\jusched.exe c:\program files (x86)\Skype\Phone\Skype.exe c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2010-12-21 au 2011-01-21 )))))))))))))))))))))))))))))))))))) . 2011-01-21 19:57 . 2011-01-21 19:57 -------- d-----w- C:\_OTL 2011-01-17 19:26 . 2011-01-17 19:26 -------- d-----w- c:\program files (x86)\Ad-Remover 2011-01-17 19:20 . 2011-01-21 15:37 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-01-17 16:18 . 2011-01-17 16:18 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-01-17 16:17 . 2010-11-12 17:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-01-17 16:17 . 2010-11-12 17:53 472808 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll 2011-01-17 14:56 . 2011-01-21 12:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-01-17 14:56 . 2011-01-17 19:39 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-01-13 19:11 . 2011-01-13 19:11 388096 ----a-r- c:\users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-01-13 19:11 . 2011-01-13 19:11 -------- d-----w- c:\program files (x86)\Trend Micro 2011-01-03 08:30 . 2011-01-03 08:30 -------- d-----w- c:\program files (x86)\GanttProject 2011-01-03 08:25 . 2011-01-03 08:27 -------- d-----w- c:\users\Olivier Martin\AppData\Roaming\.emacs.d . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-13 19:11 . 2011-01-13 19:11 388096 ----a-r- c:\users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-01-13 19:11 . 2011-01-13 19:11 388096 ----a-r- c:\users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-12-20 17:09 . 2010-08-21 09:41 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2010-12-20 17:08 . 2010-08-21 09:41 24152 ----a-w- c:\windows\system32\drivers\mbam.sys . ((((((((((((((((((((((((((((( SnapShot@2011-01-21_21.48.14 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-14 04:54 . 2011-01-21 22:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2011-01-21 21:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2011-01-21 22:41 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-01-21 21:10 81920 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-01-21 21:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-01-21 22:41 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-11-12 12:38 . 2011-01-21 22:26 44882 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-01-21 22:26 41676 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2011-01-21 21:11 41676 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-11-17 15:06 . 2011-01-21 22:26 14596 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1672107402-3960017692-2506112607-1000_UserData.bin - 2009-11-17 14:21 . 2011-01-21 21:10 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-11-17 14:21 . 2011-01-21 22:24 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-11-17 14:21 . 2011-01-21 22:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-11-17 14:21 . 2011-01-21 21:10 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2011-01-21 22:24 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2011-01-21 21:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-11-19 19:15 . 2011-01-21 21:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-11-19 19:15 . 2011-01-21 22:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-11-19 19:15 . 2011-01-21 22:41 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-11-19 19:15 . 2011-01-21 21:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-11-19 19:15 . 2011-01-21 22:41 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-11-19 19:15 . 2011-01-21 21:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-11-18 22:00 . 2011-01-21 22:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-11-18 22:00 . 2011-01-21 21:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-11-19 20:06 . 2011-01-21 22:01 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat - 2009-11-19 20:06 . 2011-01-21 21:00 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat + 2009-11-18 22:00 . 2011-01-21 22:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-11-18 22:00 . 2011-01-21 21:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-01-21 21:10 . 2011-01-21 21:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2011-01-21 22:41 . 2011-01-21 22:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-01-21 21:10 . 2011-01-21 21:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-01-21 22:41 . 2011-01-21 22:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 15:24 . 2011-01-21 21:14 711544 c:\windows\system32\perfh00C.dat + 2009-07-14 15:24 . 2011-01-21 22:29 711544 c:\windows\system32\perfh00C.dat - 2009-07-14 02:36 . 2011-01-21 21:14 613760 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2011-01-21 22:29 613760 c:\windows\system32\perfh009.dat - 2009-07-14 15:24 . 2011-01-21 21:14 133186 c:\windows\system32\perfc00C.dat + 2009-07-14 15:24 . 2011-01-21 22:29 133186 c:\windows\system32\perfc00C.dat - 2009-07-14 02:36 . 2011-01-21 21:14 108472 c:\windows\system32\perfc009.dat + 2009-07-14 02:36 . 2011-01-21 22:29 108472 c:\windows\system32\perfc009.dat - 2009-07-14 02:34 . 2011-01-21 20:26 9437184 c:\windows\system32\SMI\Store\Machine\schema.dat + 2009-07-14 02:34 . 2011-01-21 22:08 9437184 c:\windows\system32\SMI\Store\Machine\schema.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys [x] R3 CFcatchme;CFcatchme;c:\users\Oliv-S~1\AppData\Local\Temp\CFcatchme.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-20 1038088] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-13 94864] R3 VBoxMouse;VirtualBox Guest Mouse Service;c:\windows\system32\DRIVERS\VBoxMouse.sys [x] R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2009-10-07 43792] R4 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 136176] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-24 834544] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 283360] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-08-05 202960] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 McMPFSvc;Service McAfee Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 149032] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-01-22 80944] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 62800] S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424] S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-13 441328] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 144720] S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 164240] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mfeavfk01 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Contenu du dossier 'Tâches planifiées' 2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 08:06] 2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 08:06] 2010-01-05 c:\windows\Tasks\SyncBack Sauvegarde mail.job - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2009-11-29 11:00] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-03 7834656] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-26 16327712] . ------- Examen supplémentaire ------- . mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Ajouter à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll FF - ProfilePath - c:\users\Olivier Martin\AppData\Roaming\Mozilla\Firefox\Profiles\monl468j.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - user.js: yahoo.homepage.dontask - true . - - - - ORPHELINS SUPPRIMES - - - - Wow6432Node-HKCU-Run-DAEMON Tools Lite - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ . c:\windows\SysWOW64\brsvc01a.exe c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\SysWOW64\brss01a.exe c:\windows\SysWOW64\vmnat.exe c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe c:\windows\SysWOW64\vmnetdhcp.exe c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe . ************************************************************************** . Heure de fin: 2011-01-21 23:44:38 - La machine a redémarré ComboFix-quarantined-files.txt 2011-01-21 22:44 ComboFix2.txt 2011-01-21 21:49 Avant-CF: 436 948 029 440 octets libres Après-CF: 436 859 625 472 octets libres - - End Of File - - 58E5B5BE8CFBE5427F7ABFE2BE300461
  6. Platzounet
    Et voilà le Combofix... ComboFix 11-01-20.04 - Olivier Martin 21/01/2011 22:44:00.1.2 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.4094.2925 [GMT 1:00] Lancé depuis: c:\users\Olivier Martin\Desktop\ComboFix.exe AV: McAfee AntiVirus et AntiSpyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee AntiVirus et AntiSpyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files (x86)\DAEMON Tools Lite\DTLite.exe c:\program files (x86)\Skype\Phone\Skype.exe c:\program files (x86)\Windows Media Player\wmupdater.exe c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat ----- BITS: Il y a peut-être des sites infectés ----- hxxp://www.hhdsoftware.com . ((((((((((((((((((((((((((((( Fichiers créés du 2010-12-21 au 2011-01-21 )))))))))))))))))))))))))))))))))))) . 2011-01-21 21:48 . 2011-01-21 21:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-01-21 19:57 . 2011-01-21 19:57 -------- d-----w- C:\_OTL 2011-01-17 19:26 . 2011-01-17 19:26 -------- d-----w- c:\program files (x86)\Ad-Remover 2011-01-17 19:20 . 2011-01-21 15:37 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-01-17 16:18 . 2011-01-17 16:18 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-01-17 16:17 . 2010-11-12 17:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-01-17 16:17 . 2010-11-12 17:53 472808 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll 2011-01-17 14:56 . 2011-01-21 12:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-01-17 14:56 . 2011-01-17 19:39 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-01-13 19:11 . 2011-01-13 19:11 388096 ----a-r- c:\users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-01-13 19:11 . 2011-01-13 19:11 -------- d-----w- c:\program files (x86)\Trend Micro 2011-01-03 08:30 . 2011-01-03 08:30 -------- d-----w- c:\program files (x86)\GanttProject 2011-01-03 08:25 . 2011-01-03 08:27 -------- d-----w- c:\users\Olivier Martin\AppData\Roaming\.emacs.d . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-13 19:11 . 2011-01-13 19:11 388096 ----a-r- c:\users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-01-13 19:11 . 2011-01-13 19:11 388096 ----a-r- c:\users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-12-20 17:09 . 2010-08-21 09:41 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2010-12-20 17:08 . 2010-08-21 09:41 24152 ----a-w- c:\windows\system32\drivers\mbam.sys . <pre> c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl .exe c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray .exe c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl .exe c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe c:\program files (x86)\DAEMON Tools Lite\DTLite .exe c:\program files (x86)\Java\jre6\bin\jusched .exe c:\program files (x86)\Skype\Phone\Skype .exe c:\program files (x86)\VMware\VMware Workstation\vmware-tray .exe </pre> ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [N/A] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys [x] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-11-20 1038088] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-13 94864] R3 VBoxMouse;VirtualBox Guest Mouse Service;c:\windows\system32\DRIVERS\VBoxMouse.sys [x] R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2009-10-07 43792] R4 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 136176] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-24 834544] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 283360] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-08-05 202960] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 McMPFSvc;Service McAfee Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352] S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 149032] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-01-22 80944] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 62800] S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768] S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424] S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-13 441328] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-06-26 83488] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 144720] S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 164240] --- Autres Services/Pilotes en mémoire --- *Deregistered* - klmd25 *Deregistered* - mfeavfk01 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Contenu du dossier 'Tâches planifiées' 2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 08:06] 2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-05 08:06] 2010-01-05 c:\windows\Tasks\SyncBack Sauvegarde mail.job - c:\program files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2009-11-29 11:00] . --------- x86-64 ----------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-06-03 7834656] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-26 16327712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Examen supplémentaire ------- . mLocal Page = c:\windows\SysWOW64\blank.htm IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Ajouter à un fichier PDF existant - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll FF - ProfilePath - c:\users\Olivier Martin\AppData\Roaming\Mozilla\Firefox\Profiles\monl468j.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - user.js: yahoo.homepage.dontask - true . . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2011-01-21 22:49:42 ComboFix-quarantined-files.txt 2011-01-21 21:49 Avant-CF: 437 361 618 944 octets libres Après-CF: 436 918 435 840 octets libres - - End Of File - - EEC231D7A25E2A7AD64F51EEBD1AF262
  7. Platzounet
    J'ai relancé TDSSKiller mais il ne me propose plus "cure" Voilà le log. 2011/01/21 22:21:57.0446 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51 2011/01/21 22:21:57.0446 ================================================================================ 2011/01/21 22:21:57.0446 SystemInfo: 2011/01/21 22:21:57.0446 2011/01/21 22:21:57.0446 OS Version: 6.1.7600 ServicePack: 0.0 2011/01/21 22:21:57.0446 Product type: Workstation 2011/01/21 22:21:57.0446 ComputerName: OLIVE-FIXE 2011/01/21 22:21:57.0446 UserName: Olivier Martin 2011/01/21 22:21:57.0446 Windows directory: C:\Windows 2011/01/21 22:21:57.0446 System windows directory: C:\Windows 2011/01/21 22:21:57.0446 Running under WOW64 2011/01/21 22:21:57.0446 Processor architecture: Intel x64 2011/01/21 22:21:57.0446 Number of processors: 2 2011/01/21 22:21:57.0446 Page size: 0x1000 2011/01/21 22:21:57.0446 Boot type: Normal boot 2011/01/21 22:21:57.0446 ================================================================================ 2011/01/21 22:21:57.0446 Utility is running under WOW64 2011/01/21 22:21:57.0820 Initialize success 2011/01/21 22:22:02.0141 ================================================================================ 2011/01/21 22:22:02.0141 Scan started 2011/01/21 22:22:02.0141 Mode: Manual; 2011/01/21 22:22:02.0141 ================================================================================ 2011/01/21 22:22:02.0937 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/01/21 22:22:02.0968 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 2011/01/21 22:22:02.0984 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/01/21 22:22:03.0062 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 2011/01/21 22:22:03.0093 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/01/21 22:22:03.0124 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/01/21 22:22:03.0155 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/01/21 22:22:03.0186 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2011/01/21 22:22:03.0218 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2011/01/21 22:22:03.0249 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2011/01/21 22:22:03.0264 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2011/01/21 22:22:03.0280 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/01/21 22:22:03.0311 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/01/21 22:22:03.0342 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys 2011/01/21 22:22:03.0358 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/01/21 22:22:03.0389 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys 2011/01/21 22:22:03.0405 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2011/01/21 22:22:03.0452 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/01/21 22:22:03.0483 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/01/21 22:22:03.0514 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/01/21 22:22:03.0530 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2011/01/21 22:22:03.0592 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/01/21 22:22:03.0608 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/01/21 22:22:03.0639 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/01/21 22:22:03.0670 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/01/21 22:22:03.0686 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2011/01/21 22:22:03.0701 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/01/21 22:22:03.0717 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/01/21 22:22:03.0748 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/01/21 22:22:03.0764 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/01/21 22:22:03.0779 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/01/21 22:22:03.0795 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/01/21 22:22:03.0826 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/01/21 22:22:03.0857 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/01/21 22:22:03.0873 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2011/01/21 22:22:03.0904 cfwids (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys 2011/01/21 22:22:03.0920 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/01/21 22:22:03.0951 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/01/21 22:22:03.0982 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/01/21 22:22:03.0998 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2011/01/21 22:22:04.0029 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2011/01/21 22:22:04.0044 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/01/21 22:22:04.0060 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/01/21 22:22:04.0091 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/01/21 22:22:04.0122 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2011/01/21 22:22:04.0154 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/01/21 22:22:04.0169 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/01/21 22:22:04.0216 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/01/21 22:22:04.0247 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 2011/01/21 22:22:04.0341 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/01/21 22:22:04.0481 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys 2011/01/21 22:22:04.0528 ElbyCDIO (7984a82c1c373923330e6781f762d140) C:\Windows\system32\Drivers\ElbyCDIO.sys 2011/01/21 22:22:04.0575 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/01/21 22:22:04.0606 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2011/01/21 22:22:04.0637 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/01/21 22:22:04.0668 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/01/21 22:22:04.0715 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/01/21 22:22:04.0746 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/01/21 22:22:04.0762 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/01/21 22:22:04.0793 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/01/21 22:22:04.0809 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/01/21 22:22:04.0840 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/01/21 22:22:04.0856 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/01/21 22:22:04.0871 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys 2011/01/21 22:22:04.0902 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/01/21 22:22:04.0949 hcmon (b93b24f258441820e575c7983ba47313) C:\Windows\system32\drivers\hcmon.sys 2011/01/21 22:22:04.0980 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/01/21 22:22:04.0996 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/01/21 22:22:05.0012 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/01/21 22:22:05.0027 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/01/21 22:22:05.0043 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/01/21 22:22:05.0090 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2011/01/21 22:22:05.0136 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/01/21 22:22:05.0152 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2011/01/21 22:22:05.0183 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/01/21 22:22:05.0199 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/01/21 22:22:05.0230 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys 2011/01/21 22:22:05.0246 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/01/21 22:22:05.0324 IntcAzAudAddService (f2b52c7b1c8e6a4fc4c4564f4a421f23) C:\Windows\system32\drivers\RTKVHD64.sys 2011/01/21 22:22:05.0355 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2011/01/21 22:22:05.0370 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/01/21 22:22:05.0417 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/01/21 22:22:05.0448 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/01/21 22:22:05.0464 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/01/21 22:22:05.0480 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/01/21 22:22:05.0511 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2011/01/21 22:22:05.0526 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/01/21 22:22:05.0542 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/01/21 22:22:05.0558 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/01/21 22:22:05.0589 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/01/21 22:22:05.0604 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys 2011/01/21 22:22:05.0620 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/01/21 22:22:05.0667 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/01/21 22:22:05.0698 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/01/21 22:22:05.0714 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/01/21 22:22:05.0729 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/01/21 22:22:05.0760 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/01/21 22:22:05.0776 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/01/21 22:22:05.0807 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys 2011/01/21 22:22:05.0838 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys 2011/01/21 22:22:05.0885 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys 2011/01/21 22:22:05.0932 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/01/21 22:22:05.0948 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/01/21 22:22:05.0979 mfeapfk (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys 2011/01/21 22:22:06.0010 mfeavfk (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys 2011/01/21 22:22:06.0072 mfefirek (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys 2011/01/21 22:22:06.0119 mfehidk (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys 2011/01/21 22:22:06.0166 mfenlfk (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys 2011/01/21 22:22:06.0197 mferkdet (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys 2011/01/21 22:22:06.0244 mfewfpk (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys 2011/01/21 22:22:06.0275 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/01/21 22:22:06.0306 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/01/21 22:22:06.0338 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/01/21 22:22:06.0369 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/01/21 22:22:06.0400 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/01/21 22:22:06.0416 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2011/01/21 22:22:06.0447 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/01/21 22:22:06.0462 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/01/21 22:22:06.0494 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/01/21 22:22:06.0509 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/01/21 22:22:06.0540 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/01/21 22:22:06.0556 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2011/01/21 22:22:06.0587 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2011/01/21 22:22:06.0603 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/01/21 22:22:06.0618 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/01/21 22:22:06.0634 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/01/21 22:22:06.0696 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/01/21 22:22:06.0712 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/01/21 22:22:06.0743 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/01/21 22:22:06.0774 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/01/21 22:22:06.0790 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/01/21 22:22:06.0821 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/01/21 22:22:06.0852 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/01/21 22:22:06.0868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/01/21 22:22:06.0899 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/01/21 22:22:06.0930 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/01/21 22:22:06.0962 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/01/21 22:22:06.0977 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/01/21 22:22:07.0008 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/01/21 22:22:07.0024 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/01/21 22:22:07.0040 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/01/21 22:22:07.0055 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/01/21 22:22:07.0086 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/01/21 22:22:07.0133 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/01/21 22:22:07.0149 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/01/21 22:22:07.0164 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/01/21 22:22:07.0211 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 2011/01/21 22:22:07.0289 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/01/21 22:22:07.0320 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys 2011/01/21 22:22:07.0508 nvlddmkm (51bd7ef17f0b525994ad5b3748c8288b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/01/21 22:22:07.0570 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys 2011/01/21 22:22:07.0601 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys 2011/01/21 22:22:07.0617 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/01/21 22:22:07.0648 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/01/21 22:22:07.0664 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/01/21 22:22:07.0695 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/01/21 22:22:07.0710 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2011/01/21 22:22:07.0742 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2011/01/21 22:22:07.0757 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/01/21 22:22:07.0773 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/01/21 22:22:07.0804 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/01/21 22:22:07.0991 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS 2011/01/21 22:22:08.0054 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/01/21 22:22:08.0085 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/01/21 22:22:08.0132 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/01/21 22:22:08.0147 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 2011/01/21 22:22:08.0194 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/01/21 22:22:08.0241 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/01/21 22:22:08.0288 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/01/21 22:22:08.0303 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/01/21 22:22:08.0319 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/01/21 22:22:08.0350 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/01/21 22:22:08.0366 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/01/21 22:22:08.0381 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/01/21 22:22:08.0412 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/01/21 22:22:08.0428 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/01/21 22:22:08.0459 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/01/21 22:22:08.0475 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/01/21 22:22:08.0490 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/01/21 22:22:08.0522 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/01/21 22:22:08.0553 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2011/01/21 22:22:08.0600 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/01/21 22:22:08.0662 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys 2011/01/21 22:22:08.0693 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/01/21 22:22:08.0724 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/01/21 22:22:08.0756 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/01/21 22:22:08.0787 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/01/21 22:22:08.0818 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/01/21 22:22:08.0834 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/01/21 22:22:08.0865 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/01/21 22:22:08.0880 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/01/21 22:22:08.0896 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/01/21 22:22:08.0927 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/01/21 22:22:08.0943 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/01/21 22:22:08.0958 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/01/21 22:22:08.0990 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/01/21 22:22:09.0021 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/01/21 22:22:09.0083 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 2011/01/21 22:22:09.0083 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb 2011/01/21 22:22:09.0099 sptd - detected Locked file (1) 2011/01/21 22:22:09.0114 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys 2011/01/21 22:22:09.0146 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys 2011/01/21 22:22:09.0177 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys 2011/01/21 22:22:09.0224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/01/21 22:22:09.0255 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2011/01/21 22:22:09.0333 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys 2011/01/21 22:22:09.0411 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys 2011/01/21 22:22:09.0458 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/01/21 22:22:09.0473 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/01/21 22:22:09.0504 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/01/21 22:22:09.0520 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/01/21 22:22:09.0551 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2011/01/21 22:22:09.0582 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/01/21 22:22:09.0614 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/01/21 22:22:09.0629 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/01/21 22:22:09.0645 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/01/21 22:22:09.0707 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/01/21 22:22:09.0723 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/01/21 22:22:09.0754 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/01/21 22:22:09.0801 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 2011/01/21 22:22:09.0816 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/01/21 22:22:09.0848 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2011/01/21 22:22:09.0879 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys 2011/01/21 22:22:09.0894 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys 2011/01/21 22:22:09.0910 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2011/01/21 22:22:09.0926 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/01/21 22:22:09.0941 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/01/21 22:22:09.0972 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/01/21 22:22:10.0019 VBoxDrv (4fe30ec910ba4d18d1b0e51c7780053c) C:\Windows\system32\DRIVERS\VBoxDrv.sys 2011/01/21 22:22:10.0082 VBoxNetAdp (47499fe912f0b4e7664f8498f2906f0e) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 2011/01/21 22:22:10.0097 VBoxNetFlt (032d3d3f93eef92fda895e87f28a0a0b) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 2011/01/21 22:22:10.0144 VBoxUSB (a8a9d6a510ef796192a0af95f1c2d2bb) C:\Windows\system32\Drivers\VBoxUSB.sys 2011/01/21 22:22:10.0175 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/01/21 22:22:10.0191 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/01/21 22:22:10.0222 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/01/21 22:22:10.0238 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/01/21 22:22:10.0269 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2011/01/21 22:22:10.0300 vmci (9bc38986a8f0e85f27cc18a196808f52) C:\Windows\system32\drivers\vmci.sys 2011/01/21 22:22:10.0362 vmkbd (ac9dc0f511c56125483a5fb385d0bc80) C:\Windows\system32\drivers\VMkbd.sys 2011/01/21 22:22:10.0378 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys 2011/01/21 22:22:10.0425 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys 2011/01/21 22:22:10.0472 VMnetuserif (b4686ed49494a4264e867a7938fad24b) C:\Windows\system32\drivers\vmnetuserif.sys 2011/01/21 22:22:10.0518 vmusb (415b167695c4b5960a13098622ef3d80) C:\Windows\system32\Drivers\vmusb.sys 2011/01/21 22:22:10.0550 vmx86 (4b4987b8850de542f23621b881b10342) C:\Windows\system32\drivers\vmx86.sys 2011/01/21 22:22:10.0565 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/01/21 22:22:10.0596 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/01/21 22:22:10.0612 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2011/01/21 22:22:10.0643 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/01/21 22:22:10.0737 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys 2011/01/21 22:22:10.0784 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2011/01/21 22:22:10.0830 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys 2011/01/21 22:22:10.0846 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/01/21 22:22:10.0877 wacomvhid (9d45e06348c6703fba2064ac149aabda) C:\Windows\system32\DRIVERS\wacomvhid.sys 2011/01/21 22:22:10.0908 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/21 22:22:10.0924 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/21 22:22:10.0955 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/01/21 22:22:11.0033 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/01/21 22:22:11.0127 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/01/21 22:22:11.0174 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/01/21 22:22:11.0189 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/01/21 22:22:11.0236 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/01/21 22:22:11.0267 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/01/21 22:22:11.0298 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/01/21 22:22:11.0330 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/01/21 22:22:11.0423 ================================================================================ 2011/01/21 22:22:11.0423 Scan finished 2011/01/21 22:22:11.0423 ================================================================================ 2011/01/21 22:22:11.0439 Detected object count: 1 2011/01/21 22:22:31.0828 Locked file(sptd) - User select action: Skip 2011/01/21 22:22:49.0893 ================================================================================ 2011/01/21 22:22:49.0893 Scan started 2011/01/21 22:22:49.0893 Mode: Manual; 2011/01/21 22:22:49.0893 ================================================================================ 2011/01/21 22:22:50.0064 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/01/21 22:22:50.0096 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 2011/01/21 22:22:50.0111 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/01/21 22:22:50.0158 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 2011/01/21 22:22:50.0189 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/01/21 22:22:50.0205 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/01/21 22:22:50.0236 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/01/21 22:22:50.0267 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2011/01/21 22:22:50.0283 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2011/01/21 22:22:50.0345 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2011/01/21 22:22:50.0361 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2011/01/21 22:22:50.0408 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/01/21 22:22:50.0423 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/01/21 22:22:50.0470 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys 2011/01/21 22:22:50.0501 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/01/21 22:22:50.0517 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys 2011/01/21 22:22:50.0548 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2011/01/21 22:22:50.0579 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/01/21 22:22:50.0595 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/01/21 22:22:50.0626 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/01/21 22:22:50.0657 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2011/01/21 22:22:50.0720 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/01/21 22:22:50.0735 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/01/21 22:22:50.0766 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/01/21 22:22:50.0813 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/01/21 22:22:50.0829 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2011/01/21 22:22:50.0876 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/01/21 22:22:50.0907 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/01/21 22:22:50.0954 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/01/21 22:22:50.0969 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/01/21 22:22:50.0985 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/01/21 22:22:51.0032 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/01/21 22:22:51.0047 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/01/21 22:22:51.0094 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/01/21 22:22:51.0141 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2011/01/21 22:22:51.0188 cfwids (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys 2011/01/21 22:22:51.0203 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/01/21 22:22:51.0234 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/01/21 22:22:51.0266 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/01/21 22:22:51.0281 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2011/01/21 22:22:51.0297 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2011/01/21 22:22:51.0312 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/01/21 22:22:51.0344 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/01/21 22:22:51.0375 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/01/21 22:22:51.0406 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2011/01/21 22:22:51.0422 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/01/21 22:22:51.0453 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/01/21 22:22:51.0484 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/01/21 22:22:51.0531 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 2011/01/21 22:22:51.0609 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/01/21 22:22:51.0671 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys 2011/01/21 22:22:51.0687 ElbyCDIO (7984a82c1c373923330e6781f762d140) C:\Windows\system32\Drivers\ElbyCDIO.sys 2011/01/21 22:22:51.0718 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/01/21 22:22:51.0749 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2011/01/21 22:22:51.0796 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/01/21 22:22:51.0827 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/01/21 22:22:51.0843 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/01/21 22:22:51.0890 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/01/21 22:22:51.0921 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/01/21 22:22:51.0952 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/01/21 22:22:51.0983 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/01/21 22:22:51.0999 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/01/21 22:22:52.0046 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/01/21 22:22:52.0061 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys 2011/01/21 22:22:52.0077 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/01/21 22:22:52.0155 hcmon (b93b24f258441820e575c7983ba47313) C:\Windows\system32\drivers\hcmon.sys 2011/01/21 22:22:52.0170 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/01/21 22:22:52.0217 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/01/21 22:22:52.0233 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/01/21 22:22:52.0295 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/01/21 22:22:52.0311 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/01/21 22:22:52.0358 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2011/01/21 22:22:52.0373 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/01/21 22:22:52.0420 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2011/01/21 22:22:52.0451 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/01/21 22:22:52.0482 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/01/21 22:22:52.0514 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys 2011/01/21 22:22:52.0529 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/01/21 22:22:52.0607 IntcAzAudAddService (f2b52c7b1c8e6a4fc4c4564f4a421f23) C:\Windows\system32\drivers\RTKVHD64.sys 2011/01/21 22:22:52.0654 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2011/01/21 22:22:52.0670 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/01/21 22:22:52.0701 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/01/21 22:22:52.0732 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/01/21 22:22:52.0779 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/01/21 22:22:52.0794 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/01/21 22:22:52.0810 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2011/01/21 22:22:52.0841 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/01/21 22:22:52.0857 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/01/21 22:22:52.0888 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/01/21 22:22:52.0904 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/01/21 22:22:52.0919 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys 2011/01/21 22:22:52.0935 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/01/21 22:22:52.0966 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/01/21 22:22:52.0997 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/01/21 22:22:53.0028 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/01/21 22:22:53.0044 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/01/21 22:22:53.0075 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/01/21 22:22:53.0106 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/01/21 22:22:53.0153 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys 2011/01/21 22:22:53.0184 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys 2011/01/21 22:22:53.0216 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys 2011/01/21 22:22:53.0278 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/01/21 22:22:53.0294 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/01/21 22:22:53.0325 mfeapfk (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys 2011/01/21 22:22:53.0356 mfeavfk (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys 2011/01/21 22:22:53.0403 mfefirek (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys 2011/01/21 22:22:53.0450 mfehidk (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys 2011/01/21 22:22:53.0496 mfenlfk (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys 2011/01/21 22:22:53.0512 mferkdet (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys 2011/01/21 22:22:53.0574 mfewfpk (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys 2011/01/21 22:22:53.0606 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/01/21 22:22:53.0652 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/01/21 22:22:53.0668 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/01/21 22:22:53.0684 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/01/21 22:22:53.0699 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/01/21 22:22:53.0746 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2011/01/21 22:22:53.0762 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/01/21 22:22:53.0824 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/01/21 22:22:53.0840 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/01/21 22:22:53.0855 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/01/21 22:22:53.0871 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/01/21 22:22:53.0918 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2011/01/21 22:22:53.0949 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2011/01/21 22:22:53.0980 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/01/21 22:22:53.0996 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/01/21 22:22:54.0011 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/01/21 22:22:54.0058 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/01/21 22:22:54.0089 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/01/21 22:22:54.0105 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/01/21 22:22:54.0136 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/01/21 22:22:54.0152 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/01/21 22:22:54.0183 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/01/21 22:22:54.0214 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/01/21 22:22:54.0245 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/01/21 22:22:54.0292 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/01/21 22:22:54.0323 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/01/21 22:22:54.0354 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/01/21 22:22:54.0370 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/01/21 22:22:54.0401 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/01/21 22:22:54.0432 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/01/21 22:22:54.0448 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/01/21 22:22:54.0479 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/01/21 22:22:54.0510 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/01/21 22:22:54.0542 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/01/21 22:22:54.0573 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/01/21 22:22:54.0604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/01/21 22:22:54.0651 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 2011/01/21 22:22:54.0682 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/01/21 22:22:54.0713 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys 2011/01/21 22:22:54.0885 nvlddmkm (51bd7ef17f0b525994ad5b3748c8288b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/01/21 22:22:54.0947 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys 2011/01/21 22:22:54.0978 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys 2011/01/21 22:22:54.0994 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/01/21 22:22:55.0025 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/01/21 22:22:55.0072 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/01/21 22:22:55.0103 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/01/21 22:22:55.0134 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2011/01/21 22:22:55.0150 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2011/01/21 22:22:55.0181 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/01/21 22:22:55.0197 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/01/21 22:22:55.0244 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/01/21 22:22:55.0322 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS 2011/01/21 22:22:55.0368 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/01/21 22:22:55.0384 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/01/21 22:22:55.0446 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/01/21 22:22:55.0462 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 2011/01/21 22:22:55.0509 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/01/21 22:22:55.0524 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/01/21 22:22:55.0571 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/01/21 22:22:55.0587 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/01/21 22:22:55.0634 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/01/21 22:22:55.0665 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/01/21 22:22:55.0696 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/01/21 22:22:55.0712 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/01/21 22:22:55.0758 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/01/21 22:22:55.0790 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/01/21 22:22:55.0821 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/01/21 22:22:55.0868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/01/21 22:22:55.0883 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/01/21 22:22:55.0914 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/01/21 22:22:55.0946 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2011/01/21 22:22:55.0961 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/01/21 22:22:56.0039 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys 2011/01/21 22:22:56.0070 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/01/21 22:22:56.0102 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/01/21 22:22:56.0148 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/01/21 22:22:56.0164 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/01/21 22:22:56.0180 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/01/21 22:22:56.0211 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/01/21 22:22:56.0258 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/01/21 22:22:56.0273 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/01/21 22:22:56.0289 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/01/21 22:22:56.0336 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/01/21 22:22:56.0351 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/01/21 22:22:56.0398 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/01/21 22:22:56.0414 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/01/21 22:22:56.0476 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/01/21 22:22:56.0538 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 2011/01/21 22:22:56.0538 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb 2011/01/21 22:22:56.0538 sptd - detected Locked file (1) 2011/01/21 22:22:56.0554 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys 2011/01/21 22:22:56.0585 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys 2011/01/21 22:22:56.0601 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys 2011/01/21 22:22:56.0632 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/01/21 22:22:56.0679 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2011/01/21 22:22:56.0757 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys 2011/01/21 22:22:56.0804 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys 2011/01/21 22:22:56.0835 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/01/21 22:22:56.0866 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/01/21 22:22:56.0897 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/01/21 22:22:56.0913 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/01/21 22:22:56.0960 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2011/01/21 22:22:57.0006 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/01/21 22:22:57.0022 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/01/21 22:22:57.0038 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/01/21 22:22:57.0100 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/01/21 22:22:57.0131 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/01/21 22:22:57.0147 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/01/21 22:22:57.0209 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/01/21 22:22:57.0240 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 2011/01/21 22:22:57.0256 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/01/21 22:22:57.0287 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2011/01/21 22:22:57.0318 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys 2011/01/21 22:22:57.0334 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys 2011/01/21 22:22:57.0350 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2011/01/21 22:22:57.0396 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/01/21 22:22:57.0412 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/01/21 22:22:57.0459 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/01/21 22:22:57.0490 VBoxDrv (4fe30ec910ba4d18d1b0e51c7780053c) C:\Windows\system32\DRIVERS\VBoxDrv.sys 2011/01/21 22:22:57.0552 VBoxNetAdp (47499fe912f0b4e7664f8498f2906f0e) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 2011/01/21 22:22:57.0599 VBoxNetFlt (032d3d3f93eef92fda895e87f28a0a0b) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 2011/01/21 22:22:57.0646 VBoxUSB (a8a9d6a510ef796192a0af95f1c2d2bb) C:\Windows\system32\Drivers\VBoxUSB.sys 2011/01/21 22:22:57.0662 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/01/21 22:22:57.0693 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/01/21 22:22:57.0708 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/01/21 22:22:57.0755 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/01/21 22:22:57.0771 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2011/01/21 22:22:57.0818 vmci (9bc38986a8f0e85f27cc18a196808f52) C:\Windows\system32\drivers\vmci.sys 2011/01/21 22:22:57.0849 vmkbd (ac9dc0f511c56125483a5fb385d0bc80) C:\Windows\system32\drivers\VMkbd.sys 2011/01/21 22:22:57.0880 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys 2011/01/21 22:22:57.0911 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys 2011/01/21 22:22:57.0958 VMnetuserif (b4686ed49494a4264e867a7938fad24b) C:\Windows\system32\drivers\vmnetuserif.sys 2011/01/21 22:22:57.0989 vmusb (415b167695c4b5960a13098622ef3d80) C:\Windows\system32\Drivers\vmusb.sys 2011/01/21 22:22:58.0036 vmx86 (4b4987b8850de542f23621b881b10342) C:\Windows\system32\drivers\vmx86.sys 2011/01/21 22:22:58.0052 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/01/21 22:22:58.0098 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/01/21 22:22:58.0130 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2011/01/21 22:22:58.0145 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/01/21 22:22:58.0239 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys 2011/01/21 22:22:58.0286 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2011/01/21 22:22:58.0348 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys 2011/01/21 22:22:58.0379 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/01/21 22:22:58.0410 wacomvhid (9d45e06348c6703fba2064ac149aabda) C:\Windows\system32\DRIVERS\wacomvhid.sys 2011/01/21 22:22:58.0457 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/21 22:22:58.0457 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/21 22:22:58.0504 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/01/21 22:22:58.0535 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/01/21 22:22:58.0613 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/01/21 22:22:58.0676 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/01/21 22:22:58.0707 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/01/21 22:22:58.0785 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/01/21 22:22:58.0832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/01/21 22:22:58.0894 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/01/21 22:22:58.0941 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/01/21 22:22:59.0066 ================================================================================ 2011/01/21 22:22:59.0066 Scan finished 2011/01/21 22:22:59.0066 ================================================================================ 2011/01/21 22:22:59.0081 Detected object count: 1 2011/01/21 22:23:07.0302 Locked file(sptd) - User select action: Skip 2011/01/21 22:23:11.0280 Deinitialize success
  8. Platzounet
    Voilà le log de TDSSKIller 2011/01/21 22:08:44.0824 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51 2011/01/21 22:08:44.0824 ================================================================================ 2011/01/21 22:08:44.0824 SystemInfo: 2011/01/21 22:08:44.0824 2011/01/21 22:08:44.0824 OS Version: 6.1.7600 ServicePack: 0.0 2011/01/21 22:08:44.0824 Product type: Workstation 2011/01/21 22:08:44.0824 ComputerName: OLIVE-FIXE 2011/01/21 22:08:44.0824 UserName: Olivier Martin 2011/01/21 22:08:44.0824 Windows directory: C:\Windows 2011/01/21 22:08:44.0824 System windows directory: C:\Windows 2011/01/21 22:08:44.0824 Running under WOW64 2011/01/21 22:08:44.0824 Processor architecture: Intel x64 2011/01/21 22:08:44.0824 Number of processors: 2 2011/01/21 22:08:44.0824 Page size: 0x1000 2011/01/21 22:08:44.0824 Boot type: Normal boot 2011/01/21 22:08:44.0824 ================================================================================ 2011/01/21 22:08:44.0824 Utility is running under WOW64 2011/01/21 22:08:46.0696 Initialize success 2011/01/21 22:08:55.0806 ================================================================================ 2011/01/21 22:08:55.0806 Scan started 2011/01/21 22:08:55.0806 Mode: Manual; 2011/01/21 22:08:55.0806 ================================================================================ 2011/01/21 22:08:56.0399 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2011/01/21 22:08:56.0430 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 2011/01/21 22:08:56.0446 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2011/01/21 22:08:56.0508 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys 2011/01/21 22:08:56.0555 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/01/21 22:08:56.0571 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/01/21 22:08:56.0602 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/01/21 22:08:56.0680 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2011/01/21 22:08:56.0711 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2011/01/21 22:08:56.0742 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2011/01/21 22:08:56.0758 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2011/01/21 22:08:56.0774 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/01/21 22:08:56.0789 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/01/21 22:08:56.0805 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys 2011/01/21 22:08:56.0836 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/01/21 22:08:56.0852 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys 2011/01/21 22:08:56.0883 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2011/01/21 22:08:56.0914 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/01/21 22:08:56.0930 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/01/21 22:08:56.0976 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/01/21 22:08:56.0992 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2011/01/21 22:08:57.0039 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/01/21 22:08:57.0070 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/01/21 22:08:57.0101 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/01/21 22:08:57.0117 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/01/21 22:08:57.0148 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2011/01/21 22:08:57.0164 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/01/21 22:08:57.0179 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/01/21 22:08:57.0210 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/01/21 22:08:57.0226 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/01/21 22:08:57.0273 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/01/21 22:08:57.0288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/01/21 22:08:57.0304 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/01/21 22:08:57.0335 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/01/21 22:08:57.0366 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2011/01/21 22:08:57.0398 cfwids (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys 2011/01/21 22:08:57.0413 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/01/21 22:08:57.0444 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/01/21 22:08:57.0460 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/01/21 22:08:57.0476 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2011/01/21 22:08:57.0491 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2011/01/21 22:08:57.0507 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/01/21 22:08:57.0538 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2011/01/21 22:08:57.0554 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/01/21 22:08:57.0600 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2011/01/21 22:08:57.0616 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/01/21 22:08:57.0632 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/01/21 22:08:57.0678 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/01/21 22:08:57.0710 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 2011/01/21 22:08:57.0788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/01/21 22:08:57.0928 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys 2011/01/21 22:08:57.0959 ElbyCDIO (7984a82c1c373923330e6781f762d140) C:\Windows\system32\Drivers\ElbyCDIO.sys 2011/01/21 22:08:58.0006 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/01/21 22:08:58.0037 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2011/01/21 22:08:58.0084 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/01/21 22:08:58.0100 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/01/21 22:08:58.0131 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/01/21 22:08:58.0162 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/01/21 22:08:58.0193 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/01/21 22:08:58.0224 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/01/21 22:08:58.0256 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2011/01/21 22:08:58.0271 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/01/21 22:08:58.0287 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/01/21 22:08:58.0318 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys 2011/01/21 22:08:58.0334 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/01/21 22:08:58.0396 hcmon (b93b24f258441820e575c7983ba47313) C:\Windows\system32\drivers\hcmon.sys 2011/01/21 22:08:58.0412 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/01/21 22:08:58.0427 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/01/21 22:08:58.0458 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/01/21 22:08:58.0474 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/01/21 22:08:58.0490 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/01/21 22:08:58.0521 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2011/01/21 22:08:58.0552 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2011/01/21 22:08:58.0568 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2011/01/21 22:08:58.0599 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2011/01/21 22:08:58.0614 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/01/21 22:08:58.0646 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys 2011/01/21 22:08:58.0661 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/01/21 22:08:58.0739 IntcAzAudAddService (f2b52c7b1c8e6a4fc4c4564f4a421f23) C:\Windows\system32\drivers\RTKVHD64.sys 2011/01/21 22:08:58.0770 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2011/01/21 22:08:58.0786 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/01/21 22:08:58.0833 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/01/21 22:08:58.0864 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2011/01/21 22:08:58.0880 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/01/21 22:08:58.0895 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/01/21 22:08:58.0926 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2011/01/21 22:08:58.0958 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/01/21 22:08:58.0973 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/01/21 22:08:58.0989 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/01/21 22:08:59.0020 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2011/01/21 22:08:59.0036 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys 2011/01/21 22:08:59.0051 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/01/21 22:08:59.0082 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/01/21 22:08:59.0114 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/01/21 22:08:59.0145 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/01/21 22:08:59.0160 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/01/21 22:08:59.0176 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/01/21 22:08:59.0207 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/01/21 22:08:59.0254 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys 2011/01/21 22:08:59.0285 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys 2011/01/21 22:08:59.0332 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys 2011/01/21 22:08:59.0394 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/01/21 22:08:59.0426 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/01/21 22:08:59.0441 mfeapfk (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys 2011/01/21 22:08:59.0488 mfeavfk (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys 2011/01/21 22:08:59.0535 mfefirek (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys 2011/01/21 22:08:59.0566 mfehidk (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys 2011/01/21 22:08:59.0613 mfenlfk (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys 2011/01/21 22:08:59.0644 mferkdet (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys 2011/01/21 22:08:59.0691 mfewfpk (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys 2011/01/21 22:08:59.0722 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/01/21 22:08:59.0909 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/01/21 22:08:59.0940 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/01/21 22:08:59.0956 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/01/21 22:08:59.0972 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2011/01/21 22:09:00.0003 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2011/01/21 22:09:00.0034 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/01/21 22:09:00.0050 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2011/01/21 22:09:00.0081 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/01/21 22:09:00.0096 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/01/21 22:09:00.0112 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/01/21 22:09:00.0143 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2011/01/21 22:09:00.0159 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2011/01/21 22:09:00.0190 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/01/21 22:09:00.0221 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/01/21 22:09:00.0237 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2011/01/21 22:09:00.0284 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/01/21 22:09:00.0299 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/01/21 22:09:00.0330 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/01/21 22:09:00.0346 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2011/01/21 22:09:00.0377 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/01/21 22:09:00.0408 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/01/21 22:09:00.0424 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/01/21 22:09:00.0440 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/01/21 22:09:00.0471 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/01/21 22:09:00.0502 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2011/01/21 22:09:00.0533 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/01/21 22:09:00.0549 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/01/21 22:09:00.0580 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/01/21 22:09:00.0611 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/01/21 22:09:00.0642 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2011/01/21 22:09:00.0658 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/01/21 22:09:00.0674 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2011/01/21 22:09:00.0720 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/01/21 22:09:00.0736 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/01/21 22:09:00.0752 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/01/21 22:09:00.0798 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 2011/01/21 22:09:00.0845 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/01/21 22:09:00.0876 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys 2011/01/21 22:09:01.0079 nvlddmkm (51bd7ef17f0b525994ad5b3748c8288b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/01/21 22:09:01.0142 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys 2011/01/21 22:09:01.0157 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys 2011/01/21 22:09:01.0188 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2011/01/21 22:09:01.0204 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/01/21 22:09:01.0235 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/01/21 22:09:01.0251 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2011/01/21 22:09:01.0282 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2011/01/21 22:09:01.0298 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2011/01/21 22:09:01.0329 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/01/21 22:09:01.0344 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/01/21 22:09:01.0376 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/01/21 22:09:01.0469 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS 2011/01/21 22:09:01.0547 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2011/01/21 22:09:01.0563 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/01/21 22:09:01.0594 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2011/01/21 22:09:01.0625 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 2011/01/21 22:09:01.0656 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/01/21 22:09:01.0703 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/01/21 22:09:01.0734 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/01/21 22:09:01.0750 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/01/21 22:09:01.0766 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/01/21 22:09:01.0797 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/01/21 22:09:01.0812 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/01/21 22:09:01.0828 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/01/21 22:09:01.0859 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2011/01/21 22:09:01.0890 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/01/21 22:09:01.0906 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/01/21 22:09:01.0922 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/01/21 22:09:01.0937 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/01/21 22:09:01.0968 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2011/01/21 22:09:02.0000 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2011/01/21 22:09:02.0031 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/01/21 22:09:02.0093 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys 2011/01/21 22:09:02.0124 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2011/01/21 22:09:02.0156 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2011/01/21 22:09:02.0202 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/01/21 22:09:02.0218 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/01/21 22:09:02.0234 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/01/21 22:09:02.0249 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/01/21 22:09:02.0280 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/01/21 22:09:02.0312 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2011/01/21 22:09:02.0327 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/01/21 22:09:02.0343 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/01/21 22:09:02.0374 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/01/21 22:09:02.0390 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/01/21 22:09:02.0405 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/01/21 22:09:02.0436 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/01/21 22:09:02.0514 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 2011/01/21 22:09:02.0514 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb 2011/01/21 22:09:02.0514 sptd - detected Locked file (1) 2011/01/21 22:09:02.0561 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys 2011/01/21 22:09:02.0592 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys 2011/01/21 22:09:02.0624 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys 2011/01/21 22:09:02.0670 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/01/21 22:09:02.0686 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2011/01/21 22:09:02.0764 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys 2011/01/21 22:09:02.0811 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys 2011/01/21 22:09:02.0842 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/01/21 22:09:02.0873 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/01/21 22:09:02.0889 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/01/21 22:09:02.0904 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2011/01/21 22:09:02.0920 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2011/01/21 22:09:02.0998 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/01/21 22:09:03.0045 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2011/01/21 22:09:03.0060 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/01/21 22:09:03.0092 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2011/01/21 22:09:03.0138 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2011/01/21 22:09:03.0154 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2011/01/21 22:09:03.0185 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/01/21 22:09:03.0232 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 2011/01/21 22:09:03.0248 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/01/21 22:09:03.0279 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2011/01/21 22:09:03.0310 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys 2011/01/21 22:09:03.0326 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys 2011/01/21 22:09:03.0341 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2011/01/21 22:09:03.0388 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/01/21 22:09:03.0404 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/01/21 22:09:03.0435 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/01/21 22:09:03.0482 VBoxDrv (4fe30ec910ba4d18d1b0e51c7780053c) C:\Windows\system32\DRIVERS\VBoxDrv.sys 2011/01/21 22:09:03.0528 VBoxNetAdp (47499fe912f0b4e7664f8498f2906f0e) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 2011/01/21 22:09:03.0544 VBoxNetFlt (032d3d3f93eef92fda895e87f28a0a0b) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 2011/01/21 22:09:03.0591 VBoxUSB (a8a9d6a510ef796192a0af95f1c2d2bb) C:\Windows\system32\Drivers\VBoxUSB.sys 2011/01/21 22:09:03.0622 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2011/01/21 22:09:03.0638 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/01/21 22:09:03.0669 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/01/21 22:09:03.0684 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2011/01/21 22:09:03.0700 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2011/01/21 22:09:03.0731 vmci (9bc38986a8f0e85f27cc18a196808f52) C:\Windows\system32\drivers\vmci.sys 2011/01/21 22:09:03.0794 vmkbd (ac9dc0f511c56125483a5fb385d0bc80) C:\Windows\system32\drivers\VMkbd.sys 2011/01/21 22:09:03.0809 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys 2011/01/21 22:09:03.0856 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys 2011/01/21 22:09:03.0887 VMnetuserif (b4686ed49494a4264e867a7938fad24b) C:\Windows\system32\drivers\vmnetuserif.sys 2011/01/21 22:09:03.0934 vmusb (415b167695c4b5960a13098622ef3d80) C:\Windows\system32\Drivers\vmusb.sys 2011/01/21 22:09:03.0965 vmx86 (4b4987b8850de542f23621b881b10342) C:\Windows\system32\drivers\vmx86.sys 2011/01/21 22:09:03.0981 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2011/01/21 22:09:04.0012 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2011/01/21 22:09:04.0043 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2011/01/21 22:09:04.0074 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/01/21 22:09:04.0168 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys 2011/01/21 22:09:04.0215 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2011/01/21 22:09:04.0246 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys 2011/01/21 22:09:04.0277 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/01/21 22:09:04.0308 wacomvhid (9d45e06348c6703fba2064ac149aabda) C:\Windows\system32\DRIVERS\wacomvhid.sys 2011/01/21 22:09:04.0340 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/21 22:09:04.0355 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/21 22:09:04.0386 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/01/21 22:09:04.0418 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/01/21 22:09:04.0480 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/01/21 22:09:04.0542 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/01/21 22:09:04.0558 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/01/21 22:09:04.0605 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/01/21 22:09:04.0652 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/01/21 22:09:04.0683 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2011/01/21 22:09:04.0698 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/01/21 22:09:04.0745 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0) 2011/01/21 22:09:04.0792 ================================================================================ 2011/01/21 22:09:04.0792 Scan finished 2011/01/21 22:09:04.0792 ================================================================================ 2011/01/21 22:09:04.0792 Detected object count: 2 2011/01/21 22:09:13.0544 Locked file(sptd) - User select action: Skip 2011/01/21 22:09:13.0575 \HardDisk1 - will be cured after reboot 2011/01/21 22:09:13.0575 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure 2011/01/21 22:09:18.0848 Deinitialize success
  9. Platzounet
    J'ai lancé OTL, il a demandé de redémarrer, est l'ordi a planté au moment d'ouvrir la session. Le reredémarrage c'est bien passé, je te joins le log qui était ouvert au redémarrage. Daemon Tools affiche un message d'erreur mais je peux le réinstaller (ou le virer) Question: (si t'as le temps) pourquoi as-tu touché à Druide? Bien vu pour le dossier C:\32788R22FWJFW\ je ne l'avais même pas remarqué... ça avait l'air méchant ce truc... All processes killed ========== FILES ========== C:\Program Files (x86)\Druide\Antidote 7\Texteurs\WordPerfect folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Word folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Thunderbird folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\PowerPoint folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\OutlookExpress folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Outlook folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\OpenOffice.org folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Internet Explorer folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\InDesign folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\InCopy folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Illustrator folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\GroupWise folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Firefox folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Excel folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Texteurs folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\phonon_backend folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\accessible folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32\Librairies folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32\Extensions folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Programmes32 folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\Thunderbird folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\StarOffice folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\OpenOffice.org folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\Firefox folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\PanneauxDetails folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\Html folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\Grammaire\images folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\Grammaire folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\Configuration folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\Combinatoire2 folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees\AffichageDictionnaires folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Donnees folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Documentation\Images folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Documentation\Développeurs\Api com\Exemple folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Documentation\Développeurs\Api com folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Documentation\Développeurs folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Documentation\Documents d'évaluation folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7\Documentation folder moved successfully. C:\Program Files (x86)\Druide\Antidote 7 folder moved successfully. C:\Program Files (x86)\Druide folder moved successfully. C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully. C:\32788R22FWJFW\N_ folder moved successfully. C:\32788R22FWJFW\License folder moved successfully. C:\32788R22FWJFW\EN-US folder moved successfully. C:\32788R22FWJFW folder moved successfully. C:\ProgramData\.zreglib moved successfully. File\Folder C:\Users\Oliv-S~1\AppData\Local\Temp\setup783426956.exe not found. File\Folder C:\Users\Oliv-S~1\AppData\Local\Temp\setup3803102088.exe not found. ========== OTL ========== No active process named Program Files was found! Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 removed from extensions.enabledItems 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-1672107402-3960017692-2506112607-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\orifvabo\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\rsmoanxwce.exe\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Olivier Martin ->Temp folder emptied: 36064 bytes ->Temporary Internet Files folder emptied: 3365787 bytes ->Java cache emptied: 73021532 bytes ->FireFox cache emptied: 61875876 bytes ->Google Chrome cache emptied: 819568 bytes ->Flash cache emptied: 6072 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 13263 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50607 bytes RecycleBin emptied: 602 bytes Total Files Cleaned = 133,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Olivier Martin ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.3 log created on 01212011_205744 Files\Folders moved on Reboot... C:\Users\Olivier Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Windows\temp\vmware-Système-2077491091\vmware-usbarb-Système-1288.log moved successfully. Registry entries deleted on Reboot...
  10. Platzounet
    Et voilà le log de Extras.txt Merci pour ton aide OTL Extras logfile created on: 21/01/2011 18:54:45 - Run 1 OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\Olivier Martin\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 689,44 Gb Total Space | 402,65 Gb Free Space | 58,40% Space Free | Partition Type: NTFS Drive D: | 698,63 Gb Total Space | 148,36 Gb Free Space | 21,24% Space Free | Partition Type: NTFS Drive K: | 298,02 Gb Total Space | 103,49 Gb Free Space | 34,73% Space Free | Partition Type: FAT32 Drive L: | 1,88 Gb Total Space | 1,74 Gb Free Space | 92,36% Space Free | Partition Type: FAT Computer Name: OLIVE-FIXE | User Name: Olivier Martin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1672107402-3960017692-2506112607-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{23D0BEFD-26D3-4700-A012-1277B591C1E1}" = Hébreu avec clavier français — Michael Langlois — 1.3 "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java 6 Update 14 (64-bit) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{41EB316A-D0D6-4F0B-8E20-1F975FE87238}" = Adobe InDesign CS4 Icon Handler x64 "{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}" = Adobe PDF iFilter 9 for 64-bit platforms "{622CE786-0974-404C-AE68-E41CA3FBF555}" = Syriaque avec clavier français — Michael Langlois — 1.4 "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1" = Adobe Reader 64-bit fixes "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{CC95E3FF-822B-47CD-9B4D-C89536615461}" = Oracle VM VirtualBox 3.2.8 "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DA8041CD-904C-4FB6-8EAB-C390663F0046}" = Grec avec clavier français — Michael Langlois — 1.2 "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "Defraggler" = Defraggler "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd "{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 23 "{304C91E3-C95D-4785-8EA8-5AAAA88FA3B4}" = WinSoftME "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3D45A3B6-BC6D-4F7A-B311-2C4773530D68}" = Suite Shared Configuration CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3E0D6B4E-99E6-445F-B83D-E13638CA2008}" = Adobe InDesign CS4 Icon Handler "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker "{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter "{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup "{56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}" = Antidote HD "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4 "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{68249B78-B714-11D7-88E8-0050DA21757E}" = Environnement d'exécution Java 2, Standard Edition v1.3.1_18 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4 "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{78C2BDCD-79EB-4151-A113-C06E9A9678D6}" = Adobe Update Manager CS4 "{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}" = EndNote X1 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn "{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2009.10.22 "{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch "{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch "{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1.2 - Français "{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B7F12CF1-B81C-47C9-835C-5486ED89B8CE}" = Adobe InDesign CS4 Common Base Files "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content "{C9FDFA53-88D0-42C6-94E8-244016267C50}" = Adobe InDesign CS4 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4 "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4 "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4 "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby "{EEA247F1-C478-405A-B59A-C29585D8DF27}" = Adobe InDesign CS4 Application Feature Set Files (Middle-Eastern) "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F49C5BB6-77AF-40EA-AD40-C54FDB05803D}" = Adobe Setup "{F5CD130F-5789-4D38-8762-FFBEBA896805}" = BibleWorks 6 "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "{F8C669F9-91F8-48C4-8E52-742FA6B855D4}" = Dead Sea Scrolls Electronic Library "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4 "Adobe_95e0cc74dbf32662d4445ac1ef67d56" = Adobe InDesign CS4 "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "Ad-Remover" = Ad-Remover By C_XX "Akamai" = Akamai NetSession Interface "CCleaner" = CCleaner "CloneCD" = CloneCD "DVD Shrink_is1" = DVD Shrink 3.2 "FileZilla Client" = FileZilla Client 3.3.0.1 "GanttProject" = GanttProject "InfraRecorder" = InfraRecorder "Inkscape" = Inkscape 0.48.0 "ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7) "MSC" = McAfee SecurityCenter "PC Library" = PC Library "PROPLUS" = Microsoft Office Professional Plus 2007 "SyncBack_is1" = SyncBack "Tablet Driver" = Tablette "The Word" = theWord "VLC media player" = VLC media player 1.1.4 "VMware_Workstation" = VMware Workstation "WinLiveSuite_Wave3" = Installation Windows Live "Yahoo! Messenger" = Yahoo! Messenger "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1672107402-3960017692-2506112607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Hex Editor Neo 4.95 "Inscriptifact 8.0.0" = Inscriptifact 8.0.0 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 12/01/2011 12:26:30 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842787 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 12/01/2011 12:27:19 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842811 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non valide. Error - 13/01/2011 09:46:49 | Computer Name = OLIVE-FIXE | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante svchost.exe, version : 6.1.7600.16385, horodatage : 0x4a5bc3c1 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc000001d Décalage d’erreur : 0x0000000001cb516c ID du processus défaillant : 0x354 Heure de début de l’application défaillante : 0x01cbb327d489dcf9 Chemin d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès du module défaillant: unknown ID de rapport : 9162d50a-1f1b-11e0-ae18-005056c00008 Error - 13/01/2011 09:46:49 | Computer Name = OLIVE-FIXE | Source = Application Error | ID = 1005 Description = Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Processus hôte pour les services Windows en raison de cette erreur. Programme : Processus hôte pour les services Windows Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : 00000000 Type du disque : 0 Error - 13/01/2011 10:09:37 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 13/01/2011 10:11:05 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842787 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 13/01/2011 10:11:54 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842811 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non valide. Error - 14/01/2011 06:31:59 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842815 Description = La création du contexte d’activation a échoué pour « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR » de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide. Error - 14/01/2011 06:33:09 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842787 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL » à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". La définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 14/01/2011 06:33:44 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842811 Description = La création du contexte d’activation a échoué pour « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non valide. [ Media Center Events ] Error - 31/01/2010 03:34:08 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 08:34:06 - Échec de la récupération de MCESpotlight (Erreur : Impossible de se connecter au serveur distant) Error - 05/03/2010 02:38:23 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 07:38:23 - Erreur de connexion à Internet. 07:38:23 - Impossible de contacter le service.. Error - 05/03/2010 02:39:37 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 07:39:16 - Échec de la récupération de MCEClientUX (Erreur : Impossible de se connecter au serveur distant) Error - 05/03/2010 02:40:04 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 07:40:00 - Échec de la récupération de Broadband (Erreur : Impossible de se connecter au serveur distant) Error - 06/03/2010 02:21:43 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 07:21:43 - Échec de la récupération de Directory (Erreur : Impossible de se connecter au serveur distant) Error - 06/03/2010 02:22:47 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 07:22:26 - Échec de la récupération de MCESpotlight (Erreur : Impossible de se connecter au serveur distant) Error - 06/03/2010 02:23:10 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 07:23:08 - Échec de la récupération de MCEClientUX (Erreur : Impossible de se connecter au serveur distant) Error - 26/05/2010 12:34:44 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 18:34:44 - Échec de la récupération de Directory (Erreur : Impossible de se connecter au serveur distant) Error - 26/05/2010 12:35:47 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 18:35:26 - Échec de la récupération de MCESpotlight (Erreur : Impossible de se connecter au serveur distant) Error - 26/05/2010 12:36:10 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0 Description = 18:36:08 - Échec de la récupération de MCEClientUX (Erreur : Impossible de se connecter au serveur distant) [ OSession Events ] Error - 23/01/2010 11:28:23 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash. Error - 23/01/2010 11:29:34 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39 seconds with 0 seconds of active time. This session ended with a crash. Error - 23/01/2010 11:39:21 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 237 seconds with 120 seconds of active time. This session ended with a crash. Error - 23/01/2010 11:40:09 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39 seconds with 0 seconds of active time. This session ended with a crash. Error - 28/01/2010 04:38:17 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 38423 seconds with 120 seconds of active time. This session ended with a crash. Error - 27/05/2010 16:50:28 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 45105 seconds with 11280 seconds of active time. This session ended with a crash. Error - 15/06/2010 05:16:41 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 723 seconds with 60 seconds of active time. This session ended with a crash. Error - 10/01/2011 17:55:57 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 704 seconds with 0 seconds of active time. This session ended with a crash. Error - 16/01/2011 19:02:36 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 47381 seconds with 600 seconds of active time. This session ended with a crash. Error - 17/01/2011 13:54:42 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5640 seconds with 1680 seconds of active time. This session ended with a crash. [ System Events ] Error - 27/08/2010 01:34:35 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060 Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 27/08/2010 01:40:46 | Computer Name = OLIVE-FIXE | Source = Service Control Manager | ID = 7000 Description = Le service McAfee Inc. mferkdk n’a pas pu démarrer en raison de l’erreur : %%127 Error - 28/08/2010 04:51:08 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060 Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 28/08/2010 04:59:22 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060 Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 29/08/2010 04:03:23 | Computer Name = OLIVE-FIXE | Source = VDS Basic Provider | ID = 33554433 Description = Error - 29/08/2010 06:34:06 | Computer Name = OLIVE-FIXE | Source = VDS Basic Provider | ID = 33554433 Description = Error - 29/08/2010 08:31:15 | Computer Name = OLIVE-FIXE | Source = VDS Basic Provider | ID = 33554433 Description = Error - 30/08/2010 18:21:34 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060 Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 30/08/2010 18:21:37 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060 Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre logiciel pour obtenir une version compatible du pilote. Error - 31/08/2010 02:07:28 | Computer Name = OLIVE-FIXE | Source = Service Control Manager | ID = 7011 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service lmhosts. < End of report >
  11. Platzounet
    Voilà le Log de OTL.txt OTL logfile created on: 21/01/2011 18:54:45 - Run 1 OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\Olivier Martin\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 689,44 Gb Total Space | 402,65 Gb Free Space | 58,40% Space Free | Partition Type: NTFS Drive D: | 698,63 Gb Total Space | 148,36 Gb Free Space | 21,24% Space Free | Partition Type: NTFS Drive K: | 298,02 Gb Total Space | 103,49 Gb Free Space | 34,73% Space Free | Partition Type: FAT32 Drive L: | 1,88 Gb Total Space | 1,74 Gb Free Space | 92,36% Space Free | Partition Type: FAT Computer Name: OLIVE-FIXE | User Name: Olivier Martin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Olivier Martin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe () PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote .exe (Druide informatique inc.) PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray .exe (Adobe Systems Inc.) PRC - C:\Windows\SysWOW64\BRSS01A.EXE (brother Industries Ltd) PRC - C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd) ========== Modules (SafeList) ========== MOD - C:\Users\Olivier Martin\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SRV:64bit: - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (TabletService) -- C:\Windows\SysNative\Tablet.exe (Wacom Technology, Corp.) SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_dbc0250.dll () SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd) ========== Driver Services (SafeList) ========== DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.) DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.) DRV - (VBoxMouse) -- C:\Windows\SysWOW64\drivers\VBoxMouse.sys (Sun Microsystems, Inc.) DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.10.04 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - HKLM\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2010/10/22 13:30:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/10 10:55:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/17 17:17:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/12/18 10:40:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010/02/24 13:39:22 | 000,000,000 | ---D | M] [2010/08/19 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions [2010/08/19 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/01/21 16:22:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Firefox\Profiles\monl468j.default\extensions [2010/02/04 23:06:40 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Firefox\Profiles\monl468j.default\extensions\zotero@chnm.gmu.edu [2011/01/17 17:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/01/15 00:15:24 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011/01/17 17:17:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010/10/22 13:30:15 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX [2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll [2010/08/01 10:54:38 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml [2010/08/01 10:54:38 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/08/01 10:54:38 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml [2010/08/01 10:54:38 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/08/01 10:54:38 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/11/21 15:43:08 | 000,001,269 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL () O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105131049.dll (McAfee, Inc.) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105131049.dll (McAfee, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe () O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe () O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe () O4 - HKLM..\Run: [agentantidote.exe] C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe () O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8:64bit: - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_3_1_18-windows-i586.cab (Java Plug-in 1.3.1_18) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{f792dd91-0207-11df-9387-e33ca59ba05c}\Shell - "" = AutoRun O33 - MountPoints2\{f792dd91-0207-11df-9387-e33ca59ba05c}\Shell\AutoRun\command - "" = J:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpReg: CloneCDTray - hkey= - key= - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe () MsConfig:64bit - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) MsConfig:64bit - StartUpReg: orifvabo - hkey= - key= - File not found MsConfig:64bit - StartUpReg: PDVDDXSrv - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: rsmoanxwce.exe - hkey= - key= - File not found MsConfig:64bit - StartUpReg: vmware-tray - hkey= - key= - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe () MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SafeBootMin:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SafeBootNet:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SafeBootNet:64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) SafeBootNet:64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) SafeBootNet:64bit: mfevtp - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.) SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F075FCA7-11EB-D980-9340-46FA6AA5A097} - Microsoft Windows Media Player ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {1531D2C9-11EE-753B-EA45-36160E93951D} - Browser Customizations ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8E1D9CF6-37EC-E1C0-2D8A-D31F35163B1F} - Microsoft Windows Media Player ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation) Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.) ========== Files/Folders - Created Within 30 Days ========== [2011/01/21 18:52:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Olivier Martin\Desktop\OTL.exe [2011/01/21 16:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011/01/17 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\Documents\SafeNet Sentinel [2011/01/17 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\Documents\AnyDVDHD [2011/01/17 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\Documents\Adobe [2011/01/17 20:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover [2011/01/17 20:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2011/01/17 20:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/01/17 19:08:36 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW [2011/01/17 17:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011/01/17 17:18:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011/01/17 17:17:54 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011/01/17 17:17:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/01/17 17:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/01/17 17:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/01/17 15:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011/01/17 15:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/01/17 15:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/01/13 20:11:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011/01/13 20:11:46 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011/01/03 09:30:28 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GanttProject [2011/01/03 09:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject [2011/01/03 09:30:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GanttProject [2011/01/03 09:25:31 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\AppData\Roaming\.emacs.d ========== Files - Modified Within 30 Days ========== [2011/01/21 18:52:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olivier Martin\Desktop\OTL.exe [2011/01/21 18:16:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/01/21 18:16:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/01/21 17:41:31 | 001,559,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/21 17:41:31 | 000,711,544 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/21 17:41:31 | 000,613,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/21 17:41:31 | 000,133,186 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/21 17:41:31 | 000,108,472 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/21 16:40:28 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/21 16:40:28 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/21 16:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/21 16:32:58 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys [2011/01/21 15:55:28 | 492,092,070 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011/01/21 13:47:49 | 000,001,484 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110121_134743.reg [2011/01/21 12:08:49 | 000,003,328 | ---- | M] () -- C:\Users\Olivier Martin\.ganttproject [2011/01/21 12:05:53 | 000,007,545 | ---- | M] () -- C:\Users\Olivier Martin\Documents\Projet Travail.gan [2011/01/21 09:53:40 | 000,001,115 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Vidéos - Raccourci.lnk [2011/01/20 16:46:44 | 000,013,031 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Sir 25.docx [2011/01/20 15:39:44 | 000,007,623 | ---- | M] () -- C:\Users\Olivier Martin\AppData\Local\resmon.resmoncfg [2011/01/17 20:26:18 | 000,001,897 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\AD-R.lnk [2011/01/17 20:20:17 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/01/17 20:20:15 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/01/17 20:20:15 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/01/17 15:56:47 | 000,001,264 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk [2011/01/17 15:44:10 | 000,000,036 | ---- | M] () -- C:\Users\Olivier Martin\AppData\Local\housecall.guid.cache [2011/01/17 15:39:08 | 000,001,246 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110117_153903.reg [2011/01/16 09:33:45 | 000,008,430 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110116_093337.reg [2011/01/15 14:46:57 | 000,000,112 | ---- | M] () -- C:\ProgramData\y32s3LDu.dat [2011/01/13 20:11:46 | 000,003,031 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\HiJackThis.lnk [2011/01/13 16:41:57 | 000,000,162 | -H-- | M] () -- C:\Users\Olivier Martin\Desktop\~$vre à acheter.doc [2011/01/13 14:47:27 | 000,022,442 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110113_144720.reg [2011/01/09 02:40:34 | 000,017,728 | ---- | M] () -- C:\Windows\bw600.ini [2011/01/09 02:40:34 | 000,000,890 | ---- | M] () -- C:\Windows\BW6Dir.ini [2011/01/03 15:31:35 | 000,033,280 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Livre à acheter.doc [2011/01/03 09:30:29 | 000,001,965 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\GanttProject.lnk [2010/12/30 14:34:29 | 000,000,162 | -H-- | M] () -- C:\Users\Olivier Martin\Desktop\~$Sir 25.docx [2010/12/27 22:46:17 | 000,226,666 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\courir.pdf [2010/12/27 15:29:24 | 4002,405,218 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Corse2010.avi [2010/12/27 12:02:11 | 000,003,326 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\corse2010.xmp ========== Files Created - No Company Name ========== [2011/01/21 15:55:28 | 492,092,070 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011/01/21 13:47:46 | 000,001,484 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110121_134743.reg [2011/01/21 09:53:40 | 000,001,115 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Vidéos - Raccourci.lnk [2011/01/17 20:26:18 | 000,001,897 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\AD-R.lnk [2011/01/17 20:20:17 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/01/17 20:20:15 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/01/17 20:20:15 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/01/17 15:56:47 | 000,001,264 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk [2011/01/17 15:44:10 | 000,000,036 | ---- | C] () -- C:\Users\Olivier Martin\AppData\Local\housecall.guid.cache [2011/01/17 15:39:05 | 000,001,246 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110117_153903.reg [2011/01/16 09:33:40 | 000,008,430 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110116_093337.reg [2011/01/15 14:36:49 | 000,000,112 | ---- | C] () -- C:\ProgramData\y32s3LDu.dat [2011/01/13 20:11:46 | 000,003,031 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\HiJackThis.lnk [2011/01/13 16:41:57 | 000,000,162 | -H-- | C] () -- C:\Users\Olivier Martin\Desktop\~$vre à acheter.doc [2011/01/13 14:47:23 | 000,022,442 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110113_144720.reg [2011/01/03 23:15:36 | 000,003,328 | ---- | C] () -- C:\Users\Olivier Martin\.ganttproject [2011/01/03 23:15:02 | 000,007,545 | ---- | C] () -- C:\Users\Olivier Martin\Documents\Projet Travail.gan [2011/01/03 09:31:15 | 000,030,925 | ---- | C] () -- C:\Users\Olivier Martin\.ganttproject.log [2011/01/03 09:30:28 | 000,001,965 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\GanttProject.lnk [2010/12/30 14:34:29 | 000,000,162 | -H-- | C] () -- C:\Users\Olivier Martin\Desktop\~$Sir 25.docx [2010/12/30 14:34:28 | 000,013,031 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Sir 25.docx [2010/12/27 22:43:56 | 000,226,666 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\courir.pdf [2010/12/27 16:11:56 | 4002,405,218 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Corse2010.avi [2010/12/27 12:02:11 | 000,003,326 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\corse2010.xmp [2010/12/27 10:39:34 | 1884,379,327 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\corse2010.mpg [2010/11/27 01:48:52 | 000,017,674 | ---- | C] () -- C:\Windows\bw600_clone.ini [2010/04/26 16:15:44 | 001,551,984 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/02/24 13:39:19 | 000,036,972 | ---- | C] () -- C:\Windows\SysWow64\ActPanel.dll [2010/02/14 17:32:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/02/12 17:54:03 | 000,007,623 | ---- | C] () -- C:\Users\Olivier Martin\AppData\Local\resmon.resmoncfg [2010/02/06 14:06:22 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini [2010/01/07 14:48:28 | 000,000,031 | -HS- | C] () -- C:\ProgramData\.zreglib [2010/01/06 15:21:34 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\VBoxD3D9.dll [2010/01/06 15:21:34 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\VBoxD3D8.dll [2010/01/06 15:21:06 | 001,372,160 | ---- | C] () -- C:\Windows\SysWow64\libWine.dll [2010/01/06 15:21:06 | 000,827,392 | ---- | C] () -- C:\Windows\SysWow64\wined3d.dll [2009/11/30 16:32:24 | 000,060,416 | ---- | C] () -- C:\Windows\SysWow64\rbap350.dll [2009/11/22 20:15:56 | 000,000,092 | ---- | C] () -- C:\Windows\Antidote7.ini [2009/11/21 21:25:02 | 000,000,263 | ---- | C] () -- C:\Windows\w32demo8.ini [2009/11/20 16:33:51 | 000,000,165 | ---- | C] () -- C:\Windows\BasiliskII.ini [2009/11/20 13:18:58 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2009/11/20 13:18:56 | 000,000,462 | ---- | C] () -- C:\Windows\BRWMARK.INI [2009/11/20 13:18:56 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2009/11/17 16:03:00 | 000,000,890 | ---- | C] () -- C:\Windows\BW6Dir.ini [2009/11/17 16:01:16 | 000,017,728 | ---- | C] () -- C:\Windows\bw600.ini [2009/11/17 15:47:22 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\bwbits60.dll [2009/11/17 15:47:22 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\patchw32.dll [2009/11/17 15:47:22 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\patchw.dll [2009/11/17 15:47:22 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll [2009/11/17 15:47:22 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\bwntsend.dll [2009/11/17 15:47:22 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\bwnthook.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2011/01/03 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\.emacs.d [2010/01/08 11:29:12 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Academic Software Zurich [2010/01/15 22:02:25 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\DAEMON Tools Lite [2009/11/22 20:15:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Druide [2010/09/02 22:06:30 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\EndNote [2010/11/14 12:11:21 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\FileZilla [2009/11/24 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\InfraRecorder [2010/12/01 19:02:42 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\inkscape [2010/10/22 14:29:37 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Swiss Academic Software [2010/11/29 15:14:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\The Word [2010/08/19 15:21:22 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Thunderbird [2011/01/20 20:55:44 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/01/05 14:38:42 | 000,000,490 | ---- | M] () -- C:\Windows\Tasks\SyncBack Sauvegarde mail.job ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011/01/03 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\.emacs.d [2010/01/08 11:29:12 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Academic Software Zurich [2010/01/10 14:58:52 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Adobe [2009/11/27 12:31:12 | 000,000,000 | R--D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Brother [2009/11/17 15:31:05 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\CyberLink [2010/01/15 22:02:25 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\DAEMON Tools Lite [2009/11/17 15:28:28 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Dell [2009/11/20 21:21:58 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Download Manager [2009/11/22 20:15:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Druide [2010/09/02 22:06:30 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\EndNote [2010/11/14 12:11:21 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\FileZilla [2009/11/17 15:27:43 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Identities [2009/11/24 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\InfraRecorder [2010/12/01 19:02:42 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\inkscape [2009/11/18 23:09:40 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Macromedia [2010/08/21 10:42:01 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Malwarebytes [2009/07/14 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Media Center Programs [2011/01/13 20:11:46 | 000,000,000 | --SD | M] -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft [2009/11/19 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Mozilla [2009/11/17 15:28:15 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Roxio [2011/01/21 18:53:34 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Skype [2011/01/21 16:06:23 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\skypePM [2010/10/22 14:29:37 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Swiss Academic Software [2009/11/19 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Talkback [2010/11/29 15:14:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\The Word [2010/08/19 15:21:22 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Thunderbird [2010/12/22 10:33:11 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\vlc [2010/12/10 15:18:31 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\VMware [2010/08/21 08:59:14 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\WinRAR [2011/01/21 16:33:28 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\WTablet [2010/02/18 14:54:32 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Yahoo! < %APPDATA%\*.exe /s > [2011/01/13 20:11:46 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CDROM.SYS > [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys [2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: DISK.SYS > [2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys [2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys [2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys < MD5 for: EXPLORER.EXE > [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\SysWOW64\explorer.exe [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\explorer.exe [2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NDIS.SYS > [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys < MD5 for: NETLOGON.DLL > [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: RASACD.SYS > [2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys [2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys < MD5 for: RDPWD.SYS > [2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\SysNative\drivers\rdpwd.sys [2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys < MD5 for: SCECLI.DLL > [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys [2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys [2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys < MD5 for: TCPIP.SYS > [2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys [2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys < MD5 for: TDPIPE.SYS > [2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys [2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys < MD5 for: TDTCP.SYS > [2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys [2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys [2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys [2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys < MD5 for: USERINIT.EXE > [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll [2009/07/14 02:15:28 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\Tasks\*.job > [2011/01/21 18:16:00 | 000,001,086 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011/01/21 19:16:00 | 000,001,090 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2010/01/05 14:38:42 | 000,000,490 | ---- | M] () -- C:\Windows\Tasks\SyncBack Sauvegarde mail.job < End of report >
  12. Platzounet
    Merci, c'est sympa
  13. Platzounet
    Merci pour la réponse. Voilà déjà le rapport de Ad-Remover ======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 16/01/11 à 02:00 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 13:41:04 le 21/01/2011, Mode sans echec Microsoft Windows 7 Édition Familiale Premium (X64) Olivier Martin@OLIVE-FIXE (Dell Inc. Inspiron 545) ============== RECHERCHE ============== ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.13 (fr)] ** -- C:\Users\Olivier Martin\AppData\Roaming\Mozilla\FireFox\Profiles\monl468j.default\Prefs.js -- browser.startup.homepage_override.mstone, rv:1.9.2.13 ======================================== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\SysWOW64\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 17/01/2011 (2625 Octet(s)) C:\Ad-Report-SCAN[1].txt - 17/01/2011 (2354 Octet(s)) C:\Ad-Report-SCAN[2].txt - 21/01/2011 (0 Octet(s)) Fin à: 13:41:38, 21/01/2011 ============== E.O.F ==============
  14. Platzounet
    Bonsoir, J'ai pas encore passé le délai des 72h... mais comme j'ai répondu à mon propre sujet (j'avais pas vu qu'il fallait pas... et j'arrive plus à supprimer mon post)... je crains qu'il ne passe malencontreusement à la trappe: http://forum.zebulon.fr/infection-tenance-artemisa21f3188eac8-t182414.html Donc no stress... mais si quelqu'un à un moment.
  15. Platzounet
    O43 - CFD: 26/04/2010 - 16:15:12 ----D- C:\Program Files (x86)\Common Files\VMware O43 - CFD: 12/11/2009 - 13:25:48 ----D- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 29/08/2010 - 09:47:30 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.EABC5F6873DCA4B01E77B575D75808B9] - 19/01/2011 - 20:49:40 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19312] O44 - LFC:[MD5.EABC5F6873DCA4B01E77B575D75808B9] - 19/01/2011 - 20:49:40 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19312] O44 - LFC:[MD5.02000000000000000000000028EE1800] - 19/01/2011 - 20:48:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1305658] O44 - LFC:[MD5.8193D4381BE46CDC386B42FB6C04AC00] - 19/01/2011 - 20:48:05 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.DBC309F1D47243E39620A73EC8BA40D4] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1532744] O44 - LFC:[MD5.570215F21A061050F684A179E4E6019C] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [104580] O44 - LFC:[MD5.87AB24D66F0EE8DB349F993EDB01816A] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [128688] O44 - LFC:[MD5.552B1ECB1999A02C35124F465B5AF3EE] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [609676] O44 - LFC:[MD5.8B5A0CE456CCEC30BB6347465CD543DE] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [697450] O44 - LFC:[MD5.F35695256E326493AAF877F2EDF19514] - 18/01/2011 - 07:22:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [616] O44 - LFC:[MD5.19C0D8C6C3B7C6560D9268D206301E7E] - 18/01/2011 - 07:22:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [620407590] O44 - LFC:[MD5.F255946F4436F73F96B2F69E37724D98] - 17/01/2011 - 20:30:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [2625] O44 - LFC:[MD5.96143FA148AC59FEE9FEC2E8C93D356B] - 17/01/2011 - 20:27:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [2354] O44 - LFC:[MD5.8773226E890844310B24DA1E77234891] - 17/01/2011 - 17:17:54 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184] O44 - LFC:[MD5.567B74B15E3BB4D92AF336366CFB06C6] - 17/01/2011 - 17:17:54 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184] O44 - LFC:[MD5.26DC78D41DA2F3A16A00208B49051798] - 17/01/2011 - 17:17:54 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/01/2011 - 16:52:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.8C13E5BB06DCD4A21F10BF9209EBB434] - 17/01/2011 - 16:52:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1546] O44 - LFC:[MD5.BDE40AF2F5353814C505143728DEC498] - 09/01/2011 - 02:40:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BW6Dir.ini [890] O44 - LFC:[MD5.F2F2598209DD6E09AFC3721E1F344EA0] - 09/01/2011 - 02:40:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bw600.ini [17728] ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{f792dd91-0207-11df-9387-e33ca59ba05c}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- J:\Autorun.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid.dll O52 - TDSD: \Drivers32\"VIDC.VMnc"="vmnc.dll" . (.VMware, Inc. - VMware Movie decoder.) -- C:\Windows\System32\vmnc.dll O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid.dll ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.2F0683FD2DF1D92E891CACA14B45A8C1] - 27/06/2008 - 07:51:10 ---A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\Windows\system32\drivers\adfs.sys [88632] O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.4731B44F534E99FDAF6ED7DF31FA052B] - 10/06/1999 - 20:20:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\CDENABLE.SYS [6112] O58 - SDL:[MD5.E02C9CDB15F13DE4EB2FF67660E62317] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\system32\drivers\cfwids.sys [62800] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.9387A484D31209D7FC3F795A787294DB] - 16/02/2007 - 01:57:06 ---A- . (.SlySoft, Inc. - ElbyCDIO Filter Driver.) -- C:\Windows\system32\drivers\ElbyCDFL.sys [40648] O58 - SDL:[MD5.7984A82C1C373923330E6781F762D140] - 26/09/2009 - 18:57:38 ---A- . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys [33960] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.B93B24F258441820E575C7983BA47313] - 22/01/2010 - 20:00:44 ---A- . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\system32\drivers\hcmon.sys [38960] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888] O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.07389F6925E490D2DB7882110E99921C] - 26/07/2008 - 15:22:22 ---A- . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\system32\drivers\lv302a64.sys [15768] O58 - SDL:[MD5.087A343DFC337F37723DD7912DE6B6CD] - 26/07/2008 - 15:22:34 ---A- . (.Logitech Inc. - Logitech QuickCam Driver.) -- C:\Windows\system32\drivers\LV302V64.SYS [2624408] O58 - SDL:[MD5.7F0BA3A6E8996F15693C6B7D81DA049E] - 26/07/2008 - 15:25:48 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs64.sys [790424] O58 - SDL:[MD5.5C3FF68267A5D242EE79EE01B993D6CE] - 26/07/2008 - 15:26:34 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBS64.sys [50072] O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24152] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.C1556CA9695FCD6BBD23D75D402FD43D] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\system32\drivers\mfeapfk.sys [121248] O58 - SDL:[MD5.8857EE8B49F3338FC1FAD476BFCCA146] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [190136] O58 - SDL:[MD5.9B090B2C6D84F4E392B3E5FF168929DA] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\system32\drivers\mfeclnk.sys [9984] O58 - SDL:[MD5.19C44295F6BF085C83352D48397F7870] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\system32\drivers\mfefirek.sys [441328] O58 - SDL:[MD5.5F915E20AB56121C41C6BF9A91A83BDA] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [529128] O58 - SDL:[MD5.23AE332E32FF615CA5E5224C8D91AF11] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\system32\drivers\mfenlfk.sys [75032] O58 - SDL:[MD5.9C7A9273E345F8D653394B5C542BF86A] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdet.sys [94864] O58 - SDL:[MD5.3140B2C56D7119BA314F68FC785683F0] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\system32\drivers\mfewfpk.sys [283360] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.CB599955CE2CE9694721562F9481CD84] - 27/06/2009 - 00:55:10 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [83488] O58 - SDL:[MD5.51BD7EF17F0B525994AD5B3748C8288B] - 26/06/2009 - 23:01:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 186.27.) -- C:\Windows\system32\drivers\nvlddmkm.sys [11515808] O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056] O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.ABCB5A38A0D85BDF69B7877E1AD1EED5] - 01/03/2009 - 23:05:32 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [187392] O58 - SDL:[MD5.F2B52C7B1C8E6A4FC4C4564F4A421F23] - 03/06/2009 - 03:15:14 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1766944] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.3D000000000000000000000028EE1800] - 24/11/2009 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.4FE30EC910BA4D18D1B0E51C7780053C] - 05/08/2010 - 13:02:54 ---A- . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\system32\drivers\VBoxDrv.sys [202960] O58 - SDL:[MD5.47499FE912F0B4E7664F8498F2906F0E] - 05/08/2010 - 13:02:56 ---A- . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\system32\drivers\VBoxNetAdp.sys [144720] O58 - SDL:[MD5.032D3D3F93EEF92FDA895E87F28A0A0B] - 05/08/2010 - 13:02:54 ---A- . (.Oracle Corporation - VirtualBox Bridged Networking Driver.) -- C:\Windows\system32\drivers\VBoxNetFlt.sys [164240] O58 - SDL:[MD5.A8A9D6A510EF796192A0AF95F1C2D2BB] - 07/10/2009 - 09:43:42 ---A- . (.Sun Microsystems, Inc. - VirtualBox USB Driver.) -- C:\Windows\system32\drivers\VBoxUSB.sys [43792] O58 - SDL:[MD5.7A15BBAA003DE45A8DBA5E72FEC0C704] - 05/08/2010 - 13:02:54 ---A- . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\system32\drivers\VBoxUSBMon.sys [53968] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.9BC38986A8F0E85F27CC18A196808F52] - 22/01/2010 - 21:14:30 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\system32\drivers\vmci.sys [80944] O58 - SDL:[MD5.AC9DC0F511C56125483A5FB385D0BC80] - 22/01/2010 - 21:14:34 ---A- . (.VMware, Inc. - VMware keyboard filter driver (64-bit).) -- C:\Windows\system32\drivers\VMkbd.sys [29744] O58 - SDL:[MD5.8AB4374464C6548FA30E498811D2B324] - 22/01/2010 - 16:12:58 R--A- . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\system32\drivers\vmnet.sys [24112] O58 - SDL:[MD5.9D54F1339E78C95BF3D9939EBCB66378] - 22/01/2010 - 16:12:58 ---A- . (.VMware, Inc. - VMware virtual network adapter driver (64-bit).) -- C:\Windows\system32\drivers\vmnetadapter.sys [20016] O58 - SDL:[MD5.FB54EF3AA613D2832FD3812E7CB2FC75] - 22/01/2010 - 16:12:58 R--A- . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\system32\drivers\vmnetbridge.sys [45104] O58 - SDL:[MD5.B4686ED49494A4264E867A7938FAD24B] - 22/01/2010 - 21:14:30 ---A- . (.VMware, Inc. - VMware network application interface driver (64-bit).) -- C:\Windows\system32\drivers\vmnetuserif.sys [30256] O58 - SDL:[MD5.415B167695C4B5960A13098622EF3D80] - 22/01/2010 - 16:13:00 ---A- . (.VMware, Inc. - VMware USB driver.) -- C:\Windows\system32\drivers\vmusb.sys [37680] O58 - SDL:[MD5.4B4987B8850DE542F23621B881B10342] - 22/01/2010 - 21:14:36 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\system32\drivers\vmx86.sys [68656] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.E04D43C7D1641E95D35CAE6086C7E350] - 16/02/2007 - 10:12:36 ---A- . (.Wacom Technology - Wacom Mouse Filter Driver.) -- C:\Windows\system32\drivers\wacommousefilter.sys [12848] O58 - SDL:[MD5.9D45E06348C6703FBA2064AC149AABDA] - 16/02/2007 - 10:30:12 ---A- . (.Wacom Technology - Virtual Hid Device.) -- C:\Windows\system32\drivers\wacomvhid.sys [14640] O58 - SDL:[MD5.6D7F09CD92A9FEF3A8EFCE66231FDD79] - 14/08/2008 - 07:57:42 ---A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\Windows\SysWOW64\drivers\adfs.sys [74720] O58 - SDL:[MD5.9387A484D31209D7FC3F795A787294DB] - 16/02/2007 - 01:57:06 ---A- . (.SlySoft, Inc. - ElbyCDIO Filter Driver.) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys [40648] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.74B5B63EF92985F1D3E7BF1ECADD6EF7] - 12/10/2009 - 13:33:00 ---A- . (.StorageCraft Technology Corporation - StorageCraft Volume Snapshot Driver.) -- C:\Windows\SysWOW64\drivers\stcp2v30.sys [64960] O58 - SDL:[MD5.8F4112AE3CABAB7F703D18D517E1E3A3] - 12/10/2009 - 08:41:42 ---A- . (.Sun Microsystems, Inc. - VirtualBox Mouse Filter.) -- C:\Windows\SysWOW64\drivers\VBoxMouse.sys [32960] ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7} ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - C:\Windows\system32\Drivers\ADFS.sys - adfs (adfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADFS O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\System32\drivers\cfwids.sys - McAfee Inc. cfwids (cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - C:\Windows\System32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - C:\Windows\system32\drivers\hcmon.sys - VMware hcmon (hcmon) .(.VMware, Inc. - VMware USB monitor.) - LEGACY_HCMON O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Windows\System32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk (mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK O64 - Services: CurCS - C:\Windows\System32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk (mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK01 O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk02) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK02 O64 - Services: CurCS - C:\Windows\System32\drivers\mfefirek.sys - McAfee Inc. mfefirek (mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfefirek01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEFIREK01 O64 - Services: CurCS - C:\Windows\System32\drivers\mfehidk.sys - McAfee Inc. mfehidk (mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK01 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mfenlfk.sys - McAfee NDIS Light Filter (mfenlfk) .(.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - LEGACY_MFENLFK O64 - Services: CurCS - C:\Windows\System32\drivers\mferkdet.sys - McAfee Inc. mferkdet (mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET O64 - Services: CurCS - (.not file.) - McAfee Inc. mfesmfk (mfesmfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFESMFK O64 - Services: CurCS - C:\Windows\System32\drivers\mfewfpk.sys - McAfee Inc. mfewfpk (mfewfpk) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFEWFPK O64 - Services: CurCS - C:\Windows\System32\drivers\modem.sys - modem (modem) .(.Microsoft Corporation - Pilote de périphérique modem.) - LEGACY_MODEM O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\VBoxDrv.sys - VirtualBox Service (VBoxDrv) .(.Oracle Corporation - VirtualBox Support Driver.) - LEGACY_VBOXDRV O64 - Services: CurCS - C:\Windows\system32\Drivers\VBOXUSBMON.sys - VirtualBox USB Monitor Driver (VBoxUSBMon) .(.Pas de propriétaire - Pas de description.) - LEGACY_VBOXUSBMON O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\system32\drivers\vmci.sys - VMware vmci (vmci) .(.VMware, Inc. - VMware kernel driver.) - LEGACY_VMCI O64 - Services: CurCS - C:\Windows\System32\DRIVERS\vmnetbridge.sys - VMware Bridge Protocol (VMnetBridge) .(.VMware, Inc. - VMware bridge driver (64-bit).) - LEGACY_VMNETBRIDGE O64 - Services: CurCS - C:\Windows\system32\drivers\vmnetuserif.sys - VMware Network Application Interface (VMnetuserif) .(.VMware, Inc. - VMware network application interface driver.) - LEGACY_VMNETUSERIF O64 - Services: CurCS - C:\Windows\system32\drivers\vmx86.sys - VMware vmx86 (vmx86) .(.VMware, Inc. - VMware kernel driver.) - LEGACY_VMX86 O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys - Vstor2 WS60 Virtual Storage Driver (vstor2-ws60) .(.VMware, Inc. - VMware Virtual Storage Volume Driver.) - LEGACY_VSTOR2-WS60 O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wimfltr.sys - WimFltr (WimFltr) .(.Microsoft Corporation - Windows Image File Mini-Filter Driver.) - LEGACY_WIMFLTR O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Couche IFS Winsock2.) - LEGACY_WS2IFSL O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=1000 (Application Error) - (.Adobe Systems Incorporated - Adobe Acrobat 9.0.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE O66 - EventLog: ID=1000 (Application Error) - (.Oracle Corporation - VirtualBox GUI.) -- C:\PROGRA~1\Oracle\VIRTUA~1\VirtualBox.exe O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - BW600 Module.) -- C:\Program Files (x86)\BibleWorks 6\bw600.exe O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - {searchTerms} - Bing O69 - SBI: SearchScopes [HKCU] {2A1B4545-9D47-4C36-91BB-3E8C87359D0D} - (Google) - {searchTerms} - Google Search O69 - SBI: SearchScopes [HKCU] {AD762E80-9096-461C-B939-3647496CF746} - (Yahoo! Search) - {searchTerms} - Yahoo! France Résultats de recherche O69 - SBI: SearchScopes [HKUS\.DEFAULT] {8A96AF9E-4074-43b7-BEA3-87217BDA7402} [DefaultScope] - (Web Search) - http://www.searchqu.com/web?src=ieb&systemid=402&q={searchTerms} O69 - SBI: SearchScopes [HKUS\S-1-5-18] {8A96AF9E-4074-43b7-BEA3-87217BDA7402} [DefaultScope] - (Web Search) - http://www.searchqu.com/web?src=ieb&systemid=402&q={searchTerms} ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [0] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [0] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [0] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [0] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [0] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [0] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [0] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [0] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [0] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [241664] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [0] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [0] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [0] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [0] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [0] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [0] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [0] ---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84) [MD5.B561AE170381399A4D825E4731458679] [sPRF] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Olivier Martin\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe [884512] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 31/03/2009 92160 | C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SR - | Auto 13/06/2004 57344 | C:\Windows\SysWOW64\brsvc01a.exe (Brother XP spl Service) . (.brother Industries Ltd.) - C:\Windows\SysWOW64\brsvc01a.exe SS - | Demand 20/11/2009 655624 | "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Demand 20/11/2009 1038088 | "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (FLEXnet Licensing Service 64) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe SS - | Disabled 05/07/2010 136176 | "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SS - | Demand 07/10/2010 509416 | "C:\Program Files\McAfee\VirusScan\mcods.exe (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 24/08/2010 200056 | "C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe SR - | Auto 13/10/2010 245352 | "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SR - | Auto 13/10/2010 149032 | "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe SR - | Auto 10/03/2010 0 | C:\Windows\system32\nvvsvc.exe (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 14/01/2009 226656 | "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SeaPort) . (.Microsoft Corp..) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe SR - | Auto 14/01/2009 0 | C:\Windows\system32\Tablet.exe (TabletService) . (.Wacom Technology, Corp..) - C:\Windows\system32\Tablet.exe SS - | Demand 12/10/2009 191024 | "C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (ufad-ws60) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe SR - | Auto 22/01/2010 113200 | "C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe SR - | Auto 22/01/2010 334384 | C:\Windows\system32\vmnetdhcp.exe (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe SR - | Auto 22/01/2010 563760 | "C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe SR - | Auto 22/01/2010 395824 | C:\Windows\system32\vmnat.exe (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by Olivier Martin at 19/01/2011 22:33:11 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Olivier Martin at 19/01/2011 22:33:12 Use the desktop link 'MBRCheck' to have full report ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.3D000000000000000000000028EE1800] - 24/11/2009 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544] End of the scan (1161 lines in 02mn 06s)(0) ****************************************** Ah oui, j'oubliais, j'ai aussi passé Ad-Remover. Correctif... J'avais pas vu qu'il fallait pas répondre à son propre message au risque d'être oublié... je n'arrive pas à supprimer mon post maintenant. Espérons que je ne disparaîtrais pas dans les ténèbres de l'oubli. Merci à vous (jeudi 9h30) Je rajoute encore, McAfee vient de me détecter Generix.dx!voi avec suppression d'un .exe dans le dossier /temp. (jeudi 11h35) ****************************************** Vendredi 18h (vous allez avoir tout mon journal intime à force...) J'ai refait tous les tests en mode sans echec... Antivirus, MAM Spybot search & destroy AR-R Ils ne trouvent rien Pourtant le pb demeure. Je me suis permis de virer de la base des registres toutes les clés qui contenaient searchqu et searchquFF Apparemment il y a un truc qui se lance au démarrage, mais j'arrive pas à trouver ce que c'est... Nouveau symptôme remarqué aujourd'hui, je clique sur un lien dans Google (Firefox) et je suis renvoyé sur une page Ebay... ou autre... ************************************* Juste une réponse rapide sur la question de la restauration de l'image système me serait utile
  16. Platzounet
    Bonjour, Je viens solliciter vos compétences, car apparemment j'ai chopé un sale truc... L'antivirus McAfee me repère régulièrement des Trojans dont les noms varient (récemment Artemis!A21F3188EAC8), supprime des .exe dans le dossier /Temp dont les noms sont apparemment générés de manière aléatoire, des onglets apparaissent de temps à autre avec de la Pub dans Firefox... Voilà ce que j'ai déjà fait: Scan McAfee --> netoyage des fichiers infectés Scan Malwarebytes --> Netoyage des fichiers Spybot - Search & Destroy idem Redémarage... J'ai aussi souvent des plantages lors de la mise en veille alors que mon Seven (je m'en réjouissais il y a quelques jours) ne plantait quasiment jamais depuis un an (que je l'ai)... Au redémarrage des fenêtres (windows blank) s'ouvrent et se referment seules... (j'ai pu voir le nom d'une de ces fenêtre "hello2" une fois que le PC ramait un peu au démarrage) Mais, le matou revient... il est toujours vivaaaant. J'avais fait un point de restauration d'image système cet été... je peux peut-être essayer, mais est-ce efficace pour ce genre de pb? A noter : 1. que j'ai fait tout cela sans désactiver la restauration système (peur de perdre mon image système...) 2. que je n'ai pas encore fait ces opérations en mode sans échec Je vous joins un rapport ZHPDiag Et je vous remercie en avance!!! --------------------------- Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010 Run by Olivier Martin at 19/01/2011 22:31:05 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.7600.16385 MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut) ---\\ System Information Windows 7 Home Premium Edition, 64-bit (Build 7600) Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4094 MB (64% free) System drive C: has 405 GB (58%) free of 689 GB ---\\ Logged in mode Computer Name: HOME-FIXE User Name: Olivier Martin All Users Names: __vmware_user__, Olivier Martin, HomeGroupUser$, Administrateur, Unselected Option: O1,O45,O61,O62,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 405 Go of 689 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 148 Go of 699 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK ---\\ Recherche particulière de fichiers génériques [MD5.F170B4A061C9E026437B193B4D571799] - (.Microsoft Corporation - Explorateur Windows.) (.03/08/2009 07:17:37.) -- C:\Windows\Explorer.exe [2868224] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] ---\\ Processus lancés [MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [MD5.435F79D364B796A4EA0B5CAF24CA78BD] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200] [MD5.A531E07BBF9BC1CF4EA8BA2F760E3FEE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [15028104] [MD5.93CDF9D554BA63AD82DD745528DD55FA] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [33796] [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552] [MD5.2CE8F1C52F490875592166316C512B6F] - (.Skype Technologies - Skype Extras Manager.) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe [80256] [MD5.0FE0EDF01CEA3BEB2E65A904BB87525E] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray .exe [640376] [MD5.4902FB4175DFA4B6EF8DD3A8F861C12F] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray .exe [129584] [MD5.76375D7763C9B56C0E96AE30F6160DFF] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote .exe [600256] [MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344] [MD5.BCA1AF2075989E9671EF4CB9369D10AF] - (.Mozilla Messaging - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [12584112] [MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [620544] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2) P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.LizardTech - DjVu Plug-In(external version 6.1.4.2013).) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdjvu.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files (x86)\Yahoo!\Shared\npYState.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll M2 - MFEP: prefs.js [Olivier Martin - monl468j.default\zotero@chnm.gmu.edu] [] Zotero v2.0rc5 (.Center for History and New Media<br/>George Mason University.) ---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: SwissAcademic.Citavi.IEPicker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- mscoree.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105131049.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [vmware-tray] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe O4 - HKLM\..\Run: [agentantidote.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [AdobeCS4ServiceManager] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Wow6432Node\Run: [vmware-tray] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [AdobeBridge] Clé orpheline O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-18\..\RunOnce: [!SearchquFF] C:\Windows\TEMP\INSTAL~1.dllystemid=402&q=, (.not file.) O4 - HKUS\S-1-5-18\..\RunOnce: [!SearchquFF] C:\Windows\TEMP\INSTAL~1.dllystemid=402&q=, (.not file.) O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.) ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Citavi 3.lnk . (.Swiss Academic Software.) -- C:\Program Files (x86)\Citavi 3\bin\Citavi.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Dead Sea Scrolls.lnk . (.Brigham Young University.) -- C:\Program Files (x86)\Brigham Young University\Dead Sea Scrolls Electronic Library\wcUView.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\GanttProject.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\GanttProject\ganttproject.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Olivier Martin\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files (x86)\JDownloader\JDownloader.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Olive Portable.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\PDF Sam.lnk . (.by Framasoft.) -- C:\Users\Olivier Martin\Desktop\PortablePDFSAM\PortablePDFSAM\PortablePDFSAM.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Polices - Raccourci.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Sticky Notes.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\StikyNot.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\SyncBack.lnk . (.2BrightSparks.) -- C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Travail - UPVM.lnk . (.Pas de propriétaire.) -- \\PORTABLEUPVM\Documents and Settings\Olive\Mes documents\Travail (.not file.) O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\VMware Player.lnk . (.VMware, Inc..) -- C:\Program Files (x86)\VMware\VMware Workstation\vmplayer.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Citavi 3.lnk . (.Swiss Academic Software.) -- C:\Program Files (x86)\Citavi 3\bin\Citavi.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Dead Sea Scrolls.lnk . (.Brigham Young University.) -- C:\Program Files (x86)\Brigham Young University\Dead Sea Scrolls Electronic Library\wcUView.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\GanttProject.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\GanttProject\ganttproject.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Olivier Martin\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files (x86)\JDownloader\JDownloader.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Olive Portable.lnk - Clé orpheline O4 - Global Startup: C:\Users\Olivier Martin\Desktop\PDF Sam.lnk . (.by Framasoft.) -- C:\Users\Olivier Martin\Desktop\PortablePDFSAM\PortablePDFSAM\PortablePDFSAM.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Polices - Raccourci.lnk - Clé orpheline O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Sticky Notes.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\StikyNot.exe (.not file.) O4 - Global Startup: C:\Users\Olivier Martin\Desktop\SyncBack.lnk . (.2BrightSparks.) -- C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Travail - UPVM.lnk . (.Pas de propriétaire.) -- \\PORTABLEUPVM\Documents and Settings\Olive\Mes documents\Travail (.not file.) O4 - Global Startup: C:\Users\Olivier Martin\Desktop\VMware Player.lnk . (.VMware, Inc..) -- C:\Program Files (x86)\VMware\VMware Workstation\vmplayer.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Olivier Martin\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk . (.Christian Kindahl.) -- C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk . (.inkscape.org.) -- C:\Program Files (x86)\Inkscape\inkscape.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk . (.VMware, Inc..) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Citavi Picker... - (.not file.) - file:\\C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: Ajouter à un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: Convertir au format Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} . (.not file.) - (.not file.) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} (Environnement d'exécution Java 1.3.1_18) - http://java.sun.com/products/plugin/autodl/jinstall-1_3_1_18-windows-i586.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{E73304EA-CC94-44C8-9506-F37CBB613A0A}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{E73304EA-CC94-44C8-9506-F37CBB613A0A}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{E73304EA-CC94-44C8-9506-F37CBB613A0A}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: (Brother XP spl Service) . (.brother Industries Ltd - brsvc01a.) - C:\Windows\SysWOW64\brsvc01a.exe O23 - Service: (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe O23 - Service: (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe O23 - Service: (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: (nvsvc) - Clé orpheline O23 - Service: (TabletService) - Clé orpheline O23 - Service: (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\system32\vmnetdhcp.exe O23 - Service: (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe O23 - Service: (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\system32\vmnat.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SyncBack Sauvegarde mail.job [MD5.00000000000000000000000000000000] [APT] [93a3748c] (.Pas de propriétaire.) -- C:\Users\Oliv-S~1\AppData\Local\Temp\setup783426956.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [ece92408] (.Pas de propriétaire.) -- C:\Users\Oliv-S~1\AppData\Local\Temp\setup3803102088.exe (.not file.) [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.A531E07BBF9BC1CF4EA8BA2F760E3FEE] [APT] [{A16D3EF2-AEAE-4AD0-A832-CDFC609BED34}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\Windows\SysWow64\Macromed\Flash\Flash10e.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys O41 - Driver: (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\System32\DRIVERS\mfenlfk.sys O41 - Driver: McAfee Inc. mfewfpk (mfewfpk) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\System32\drivers\mfewfpk.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - Pilote TCP/IP.) - C:\Windows\System32\drivers\tcpip.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VBoxDrv) . (.Oracle Corporation - VirtualBox Support Driver.) - C:\Windows\System32\DRIVERS\VBoxDrv.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {197A3012-8C85-4FD3-AB66-9EC7E13DB92E} O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004} O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {1618734A-3957-4ADD-8199-F973763109A8} O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0} O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191} O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0F723FC1-7606-4867-866C-CE80AD292DAF} O42 - Logiciel: Adobe Color - Photoshop Specific CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3D2C9DE6-9ADE-4252-A241-E43723B0CE02} O42 - Logiciel: Adobe Color EU Recommended Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1} O42 - Logiciel: Adobe Color JA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0D6013AB-A0C7-41DC-973C-E93129C9A29F} O42 - Logiciel: Adobe Color NA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {098A2A49-7CF3-4F08-A38D-FB879117152A} O42 - Logiciel: Adobe Color Video Profiles CS CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {63C24A08-70F3-4C8E-B9FB-9F21A903801D} O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683} O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {67F0E67A-8E93-4C2C-B29D-47C48262738A} O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_acce07fd2c8fe7f9e3f26243e626578 O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {30C8AA56-4088-426F-91D1-0EDFD3A25678} O42 - Logiciel: Adobe Drive CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {16E16F01-2E2D-4248-A42F-76261C147B6C} O42 - Logiciel: Adobe Dynamiclink Support - (.Adobe Systems Incorporated.) [HKLM] -- {60DB5894-B5A1-4B62-B0F3-669A22C0EE5D} O42 - Logiciel: Adobe Encore CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {5EAD5443-7194-46CC-A055-428E6ABB1BAF} O42 - Logiciel: Adobe Encore CS4 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {FB2A5FCC-B81B-48C2-A009-7804694D83E9} O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5} O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {054EFA56-2AC1-48F4-A883-0AB89874B972} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} O42 - Logiciel: Adobe InDesign CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_95e0cc74dbf32662d4445ac1ef67d56 O42 - Logiciel: Adobe InDesign CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C9FDFA53-88D0-42C6-94E8-244016267C50} O42 - Logiciel: Adobe InDesign CS4 Application Feature Set Files (Middle-Eastern) - (.Adobe Systems Incorporated.) [HKLM] -- {EEA247F1-C478-405A-B59A-C29585D8DF27} O42 - Logiciel: Adobe InDesign CS4 Common Base Files - (.Adobe Systems Incorporated.) [HKLM] -- {B7F12CF1-B81C-47C9-835C-5486ED89B8CE} O42 - Logiciel: Adobe InDesign CS4 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {3E0D6B4E-99E6-445F-B83D-E13638CA2008} O42 - Logiciel: Adobe Linguistics CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {931AB7EA-3656-4BB7-864D-022B09E3DD67} O42 - Logiciel: Adobe Media Encoder CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {DEB90B8E-0DCB-48CE-B90E-8842A2BD643E} O42 - Logiciel: Adobe Media Encoder CS4 Additional Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {BE9CEAAA-F069-4331-BF2F-8D350F6504F4} O42 - Logiciel: Adobe Media Encoder CS4 Dolby - (.Adobe Systems Incorporated.) [HKLM] -- {EE353798-E875-42E0-B58D-7E6696182EA8} O42 - Logiciel: Adobe Media Encoder CS4 Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {561968FD-56A1-49FD-9ED0-F55482C7C5BC} O42 - Logiciel: Adobe Media Encoder CS4 Importer - (.Adobe Systems Incorporated.) [HKLM] -- {8186FF34-D389-4B7E-9A2F-C197585BCFBD} O42 - Logiciel: Adobe OnLocation CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {7406DF60-016D-476B-A2C7-55D997592047} O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A} O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353} O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_faf656ef605427ee2f42989c3ad31b8 O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {E4848436-0345-47E2-B648-8B522FCDA623} O42 - Logiciel: Adobe Photoshop CS4 Support - (.Adobe Systems Incorporated.) [HKLM] -- {63E5CDBF-8214-4F03-84F8-CD3CE48639AD} O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_26b63376f4efc354dae41af6b5e3343 O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {D499F8DE-3F31-4900-9157-61061613704B} O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9} O42 - Logiciel: Adobe Premiere Pro CS4 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7} O42 - Logiciel: Adobe Premiere Pro CS4 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {C938BE91-3BB5-4B84-9EF6-88F0505D0038} O42 - Logiciel: Adobe Reader 9.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Adobe SGM CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B} O42 - Logiciel: Adobe SING CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {4A52555C-032A-4083-BDD9-6A85ABFB39A8} O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.) [HKLM] -- {F0E64E2E-3A60-40D8-A55D-92F6831875DA} O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.) [HKLM] -- {4943EFF5-229F-435D-BEA9-BE3CAEA783A7} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {14AFE241-FC6E-4FDB-BCA0-7AD6F4974171} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {566BB41D-F006-4956-A5D3-94D8DFFA7F51} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {F49C5BB6-77AF-40EA-AD40-C54FDB05803D} O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230} O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {78C2BDCD-79EB-4151-A113-C06E9A9678D6} O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739} O42 - Logiciel: AdobeColorCommonSetCMYK - (.Adobe Systems Incorporated.) [HKLM] -- {68243FF8-83CA-466B-B2B8-9F99DA5479C4} O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4} O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM] -- Akamai O42 - Logiciel: Antidote HD - (.Druide informatique inc..) [HKLM] -- {56CDB4FE-895F-4E0D-8BB4-9A8D4310898D} O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: BibleWorks 6 - (.Pas de propriétaire.) [HKLM] -- {F5CD130F-5789-4D38-8762-FFBEBA896805} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Citavi - (.Swiss Academic Software.) [HKLM] -- {E12C6653-1FF0-4686-ADB8-589C13AE761F} O42 - Logiciel: CloneCD - (.SlySoft.) [HKLM] -- CloneCD O42 - Logiciel: Connect - (.Adobe Systems Incorporated.) [HKLM] -- {B29AD377-CC12-490A-A480-1452337C618D} O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1 O42 - Logiciel: Dead Sea Scrolls Electronic Library - (.Brigham Young University.) [HKLM] -- {F8C669F9-91F8-48C4-8E52-742FA6B855D4} O42 - Logiciel: EndNote X1 - (.Thomson ResearchSoft.) [HKLM] -- {87F7773C-EC9C-461A-AA7B-4AF8EF54DF49} O42 - Logiciel: Environnement d'exécution Java 2, Standard Edition v1.3.1_18 - (.Pas de propriétaire.) [HKLM] -- {68249B78-B714-11D7-88E8-0050DA21757E} O42 - Logiciel: FileZilla Client 3.3.0.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1} O42 - Logiciel: GanttProject - (.Pas de propriétaire.) [HKLM] -- GanttProject O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: HHD Software Hex Editor Neo 4.95 - (.HHD Software, Ltd..) [HKCU] -- {8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0} O42 - Logiciel: ISI ResearchSoft - Export Helper - (.Pas de propriétaire.) [HKLM] -- ISI ResearchSoft - Export Helper O42 - Logiciel: InfraRecorder - (.Pas de propriétaire.) [HKLM] -- InfraRecorder O42 - Logiciel: Inkscape 0.48.0 - (.Pas de propriétaire.) [HKLM] -- Inkscape O42 - Logiciel: Inscriptifact 8.0.0 - (.University Of Southern California.) [HKCU] -- Inscriptifact 8.0.0 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31} O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader O42 - Logiciel: Java 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216014FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM] -- {105CFC7C-6992-11D5-BD9D-000102C10FD8} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13) O42 - Logiciel: Mozilla Thunderbird (3.1.7) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (3.1.7) O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PC Library - (.Pas de propriétaire.) [HKLM] -- PC Library O42 - Logiciel: PDF Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {35D94F92-1D3A-43C5-8605-EA268B1A7BD9} O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8} O42 - Logiciel: PowerDVD DX - (.CyberLink Corp..) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87} O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {04F3038E-4120-44CC-B330-E05F737246A5} O42 - Logiciel: SIW version 2009.10.22 - (.Topala Software Solutions.) [HKLM] -- {AB67580-257C-45FF-B8F4-C8C30682091A}_is1 O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} O42 - Logiciel: Skype™ 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3D45A3B6-BC6D-4F7A-B311-2C4773530D68} O42 - Logiciel: SyncBack - (.2BrightSparks.) [HKLM] -- SyncBack_is1 O42 - Logiciel: Tablette - (.Wacom Technology Corp..) [HKLM] -- Tablet Driver O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA} O42 - Logiciel: WinSoftME - (.Adobe Systems Incorporated.) [HKLM] -- {304C91E3-C95D-4785-8EA8-5AAAA88FA3B4} O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354} O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger O42 - Logiciel: kuler - (.Adobe Systems Incorporated.) [HKLM] -- {098727E1-775A-4450-B573-3F441F1CA243} O42 - Logiciel: theWord - (.Pas de propriétaire.) [HKLM] -- The Word O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249} O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65} O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464} O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4} O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D} O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30} ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\Academic Software Zurich] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow] [HKCU\Software\Brigham Young University] [HKCU\Software\Brother] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cyberlink] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DT Soft] [HKCU\Software\DVD Shrink] [HKCU\Software\Dell] [HKCU\Software\Druide informatique inc.] [HKCU\Software\Google] [HKCU\Software\HHD Software] [HKCU\Software\ISA2] [HKCU\Software\ISI ResearchSoft] [HKCU\Software\InfraRecorder] [HKCU\Software\JavaSoft] [HKCU\Software\LizardTech] [HKCU\Software\Logitech] [HKCU\Software\MJLSoftware] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Adobe2)] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Roxio] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\SlySoft] [HKCU\Software\Swiss Academic Software] [HKCU\Software\TechSmith] [HKCU\Software\Thunderbird] [HKCU\Software\Trend Micro] [HKCU\Software\Trolltech] [HKCU\Software\VMware, Inc.] [HKCU\Software\Wow6432Node] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKLM\Software\ALWIL Software] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\BibleWorks] [HKLM\Software\Brigham Young University] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DT Soft] [HKLM\Software\Dell] [HKLM\Software\Druide informatique inc.] [HKLM\Software\Elaborate Bytes] [HKLM\Software\FileZilla 3] [HKLM\Software\FullCircle] [HKLM\Software\Google] [HKLM\Software\ISA2] [HKLM\Software\Intel] [HKLM\Software\JOANNEUM RESEARCH] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LizardTech] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\McAfeeInstaller] [HKLM\Software\McAfee] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Novell] [HKLM\Software\ODBC] [HKLM\Software\PC-Doctor] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Skype] [HKLM\Software\SlySoft] [HKLM\Software\SoftThinks] [HKLM\Software\Sonic] [HKLM\Software\ThinPrint] [HKLM\Software\VMware, Inc.] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\Wacom] [HKLM\Software\WinSoft] [HKLM\Software\Windows] [HKLM\Software\Wise Solutions] [HKLM\Software\Yahoo] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD: 24/08/2010 - 08:32:56 ----D- C:\Program Files\Adobe O43 - CFD: 14/02/2010 - 17:20:30 ----D- C:\Program Files\Common Files O43 - CFD: 01/09/2010 - 12:29:24 ----D- C:\Program Files\Defraggler O43 - CFD: 12/11/2009 - 13:31:56 ----D- C:\Program Files\Dell O43 - CFD: 12/11/2009 - 13:16:34 ----D- C:\Program Files\Dell Inc O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\DVD Maker O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 20/11/2009 - 16:19:52 ----D- C:\Program Files\Internet Explorer O43 - CFD: 12/11/2009 - 13:18:08 ----D- C:\Program Files\Java O43 - CFD: 30/08/2010 - 14:03:10 ----D- C:\Program Files\McAfee O43 - CFD: 30/08/2010 - 14:02:38 ----D- C:\Program Files\McAfee.com O43 - CFD: 14/07/2009 - 16:35:26 ----D- C:\Program Files\Microsoft Games O43 - CFD: 19/11/2009 - 23:09:36 ----D- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild O43 - CFD: 02/09/2010 - 13:10:42 ----D- C:\Program Files\Oracle O43 - CFD: 12/11/2009 - 13:12:02 ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\Windows Journal O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Mail O43 - CFD: 19/11/2009 - 18:52:20 ----D- C:\Program Files\Windows Media Player O43 - CFD: 17/11/2009 - 15:23:14 ----D- C:\Program Files\Windows NT O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar O43 - CFD: 21/11/2009 - 15:42:16 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 14/02/2010 - 17:20:30 ----D- C:\Program Files\Common Files\logishrd O43 - CFD: 20/11/2009 - 14:43:34 ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 30/08/2010 - 14:02:04 ----D- C:\Program Files\Common Files\McAfee O43 - CFD: 22/11/2009 - 20:13:46 ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System O43 - CFD: 24/01/2010 - 14:40:14 ----D- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data O43 - CFD: 17/11/2009 - 15:34:58 ----D- C:\ProgramData\Brigham Young University O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Bureau O43 - CFD: 26/12/2009 - 12:25:24 ----D- C:\ProgramData\CyberLink O43 - CFD: 24/11/2009 - 15:06:20 ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 07/02/2010 - 18:37:44 ----D- C:\ProgramData\Dell O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents O43 - CFD: 20/08/2010 - 15:55:22 ----D- C:\ProgramData\DVD Shrink O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites O43 - CFD: 07/06/2010 - 15:20:58 ----D- C:\ProgramData\FLEXnet O43 - CFD: 22/10/2010 - 13:36:20 ----D- C:\ProgramData\Gibraltar O43 - CFD: 12/11/2009 - 13:31:38 ----D- C:\ProgramData\Macrovision O43 - CFD: 21/08/2010 - 10:41:50 ----D- C:\ProgramData\Malwarebytes O43 - CFD: 18/11/2009 - 21:37:46 ----D- C:\ProgramData\McAfee O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 05/11/2010 - 15:07:48 ----D- C:\ProgramData\Microsoft O43 - CFD: 23/11/2009 - 14:38:36 ----D- C:\ProgramData\Microsoft Help O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Modèles O43 - CFD: 17/11/2009 - 15:28:16 ----D- C:\ProgramData\NVIDIA O43 - CFD: 12/11/2009 - 13:21:34 ----D- C:\ProgramData\PCDr O43 - CFD: 21/11/2009 - 15:41:32 ----D- C:\ProgramData\SafeNet Sentinel O43 - CFD: 12/12/2010 - 09:43:10 ----D- C:\ProgramData\Skype O43 - CFD: 07/01/2010 - 14:48:30 ----D- C:\ProgramData\SlySoft O43 - CFD: 12/11/2009 - 13:31:46 ----D- C:\ProgramData\Sonic O43 - CFD: 17/01/2011 - 16:10:40 ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu O43 - CFD: 17/01/2011 - 17:18:04 ----D- C:\ProgramData\Sun O43 - CFD: 22/10/2010 - 13:30:18 ----D- C:\ProgramData\Swiss Academic Software O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates O43 - CFD: 24/09/2010 - 10:43:26 ----D- C:\ProgramData\The Word O43 - CFD: 12/11/2009 - 13:31:48 ----D- C:\ProgramData\Uninstall O43 - CFD: 18/01/2011 - 07:22:28 ----D- C:\ProgramData\VMware O43 - CFD: 21/11/2009 - 15:41:30 ----D- C:\ProgramData\WinSoft O43 - CFD: 18/02/2010 - 14:51:54 ----D- C:\ProgramData\Yahoo! O43 - CFD: 21/11/2009 - 15:42:16 ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 14/02/2010 - 17:20:30 ----D- C:\Program Files\Common Files\logishrd O43 - CFD: 20/11/2009 - 14:43:34 ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 30/08/2010 - 14:02:04 ----D- C:\Program Files\Common Files\McAfee O43 - CFD: 22/11/2009 - 20:13:46 ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System O43 - CFD: 29/11/2009 - 10:03:22 ----D- C:\Program Files (x86)\2BrightSparks O43 - CFD: 20/11/2009 - 01:58:12 ----D- C:\Program Files (x86)\7-Zip O43 - CFD: 17/01/2011 - 20:26:24 ----D- C:\Program Files (x86)\Ad-Remover O43 - CFD: 24/01/2010 - 14:39:06 ----D- C:\Program Files (x86)\Adobe O43 - CFD: 24/08/2010 - 08:44:24 ----D- C:\Program Files (x86)\Adobe Reader 64-bit fixes O43 - CFD: 17/11/2009 - 16:01:20 ----D- C:\Program Files (x86)\BibleWorks 6 O43 - CFD: 17/11/2009 - 15:31:44 ----D- C:\Program Files (x86)\Brigham Young University O43 - CFD: 23/08/2010 - 13:37:16 ----D- C:\Program Files (x86)\CCleaner O43 - CFD: 22/10/2010 - 13:30:10 ----D- C:\Program Files (x86)\Citavi 3 O43 - CFD: 17/01/2011 - 17:18:04 ----D- C:\Program Files (x86)\Common Files O43 - CFD: 12/11/2009 - 13:25:32 ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 15/01/2010 - 22:00:26 ----D- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 07/02/2010 - 18:29:16 ----D- C:\Program Files (x86)\Dell O43 - CFD: 23/08/2010 - 14:01:10 ----D- C:\Program Files (x86)\Druide O43 - CFD: 23/01/2010 - 11:57:12 ----D- C:\Program Files (x86)\DVD Shrink O43 - CFD: 29/08/2010 - 09:50:32 ----D- C:\Program Files (x86)\EndNote X1 O43 - CFD: 29/11/2009 - 09:38:00 ----D- C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 20/04/2010 - 08:14:20 ----D- C:\Program Files (x86)\Free Download Manager O43 - CFD: 03/01/2011 - 09:30:30 ----D- C:\Program Files (x86)\GanttProject O43 - CFD: 29/09/2010 - 17:31:30 ----D- C:\Program Files (x86)\Google O43 - CFD: 24/11/2009 - 23:35:22 ----D- C:\Program Files (x86)\InfraRecorder O43 - CFD: 01/12/2010 - 19:00:38 ----D- C:\Program Files (x86)\Inkscape O43 - CFD: 20/08/2010 - 14:28:32 --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 12/11/2009 - 13:18:14 ----D- C:\Program Files (x86)\Intel O43 - CFD: 08/01/2010 - 10:42:50 ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 01/10/2010 - 10:52:30 ----D- C:\Program Files (x86)\ISA2 O43 - CFD: 17/01/2011 - 17:17:52 ----D- C:\Program Files (x86)\Java O43 - CFD: 24/02/2010 - 13:39:20 ----D- C:\Program Files (x86)\JavaSoft O43 - CFD: 08/01/2011 - 23:30:34 ----D- C:\Program Files (x86)\JDownloader O43 - CFD: 23/01/2010 - 10:07:58 ----D- C:\Program Files (x86)\LizardTech O43 - CFD: 14/01/2011 - 08:50:10 ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 30/08/2010 - 23:21:52 ----D- C:\Program Files (x86)\McAfee O43 - CFD: 01/09/2010 - 06:52:20 ----D- C:\Program Files (x86)\McAfee.com O43 - CFD: 12/11/2009 - 13:28:48 ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 19/11/2009 - 23:11:54 ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 14/11/2010 - 08:53:34 ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 12/11/2009 - 13:30:00 ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 12/11/2009 - 13:30:54 ----D- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 19/11/2009 - 23:11:54 ----D- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 19/11/2009 - 23:09:24 ----D- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 26/11/2009 - 22:09:30 ----D- C:\Program Files (x86)\Microsoft Works O43 - CFD: 19/11/2009 - 23:11:38 ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 10/12/2010 - 10:55:20 ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 12/12/2010 - 09:42:56 ----D- C:\Program Files (x86)\Mozilla Thunderbird O43 - CFD: 19/11/2009 - 23:11:58 ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 23/11/2009 - 09:57:24 ----D- C:\Program Files (x86)\MSECache O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 12/11/2009 - 13:31:40 ----D- C:\Program Files (x86)\Roxio O43 - CFD: 27/11/2009 - 11:37:40 ----D- C:\Program Files (x86)\SIW O43 - CFD: 12/12/2010 - 09:43:38 R---D- C:\Program Files (x86)\Skype O43 - CFD: 30/01/2010 - 15:34:10 ----D- C:\Program Files (x86)\SlySoft O43 - CFD: 17/01/2011 - 20:39:18 ----D- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 12/02/2010 - 13:01:20 ----D- C:\Program Files (x86)\Tablet O43 - CFD: 12/02/2010 - 12:59:58 ----D- C:\Program Files (x86)\TabletPlugins O43 - CFD: 12/02/2010 - 11:33:20 ----D- C:\Program Files (x86)\Tablette O43 - CFD: 24/09/2010 - 10:43:58 ----D- C:\Program Files (x86)\The Word O43 - CFD: 13/01/2011 - 20:11:48 ----D- C:\Program Files (x86)\Trend Micro O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 19/03/2010 - 10:10:58 ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 20/04/2010 - 15:01:28 ----D- C:\Program Files (x86)\VMware O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 12/11/2009 - 13:31:12 ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 12/11/2009 - 13:28:30 ----D- C:\Program Files (x86)\Windows Live SkyDrive O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 15/01/2011 - 17:35:40 ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 18/02/2010 - 14:51:50 ----D- C:\Program Files (x86)\Yahoo! O43 - CFD: 19/01/2011 - 22:31:20 ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 21/11/2009 - 15:43:28 ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 20/11/2009 - 14:44:54 ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 18/01/2011 - 07:22:30 ----D- C:\Program Files (x86)\Common Files\Akamai O43 - CFD: 19/11/2009 - 23:11:54 ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 17/11/2009 - 15:42:54 ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 17/01/2011 - 17:18:04 ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 20/11/2009 - 14:43:30 ----D- C:\Program Files (x86)\Common Files\Macrovision Shared O43 - CFD: 01/09/2010 - 06:52:20 ----D- C:\Program Files (x86)\Common Files\McAfee O43 - CFD: 26/11/2009 - 22:09:30 ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 12/11/2009 - 13:31:50 ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 29/08/2010 - 09:50:24 ----D- C:\Program Files (x86)\Common Files\Risxtd O43 - CFD: 12/11/2009 - 13:31:40 ----D- C:\Program Files (x86)\Common Files\Roxio Shared O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 12/12/2010 - 09:43:16 ----D- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 12/11/2009 - 13:31:40 ----D- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 24/02/2010 - 13:39:26 ----D- C:\Program Files (x86)\Common Files\SWF Studio O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 29/08/2010 - 09:50:20 ----D- C:\Program Files (x86)\Common Files\Thomson ResearchSoft O43 - CFD: 26/04/2010 - 16:15:12 ----D- C:\Program Files (x86
×
×
  • Créer...