Crash

[jeanmi22]

Voila, mon problème, suite a une attaque, virus ou malwares, qui ont été éradiquer avec Avira tout du moins je le pense, je n'ai plus de Bureau, plus de barre des taches, plus de barre de lancement rapide, plus de menu démarrer.

 

Lorsque je reboot le PC disons que tout se passe bien, sauf qu'après l'écran de bienvenue j'arrive directement dans la fenêtre "mes documents" j'ai eu beau aller voir dans le panneau de config, ou faire "msconfig" et selectionner mes options de démarrage çà ne change rien.

 

ma config : windows vista pro.(que je ne trouve pas terrible, dans le pire des cas je me demande si je ne vais pas revenir à XP)

 

Avant que je ne Format, si qqu'un pouvait me filer un coup de main ce serait sympa. Merci.

[pear]

Bonjour,

Téléchargez SystemLook sur le Bureau à partir d'un des liens ci-dessous.

Miroir de téléchargement #1

Miroir de téléchargement #2

* Double-cliquer sur SystemLook.exepour le lancer.

* Clic droit|Copier sur ce qui suit , en vert et clic droit|Coller dans la zone texte de SystemLook :

:reg

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

 

* Cliquer sur le bouton Look pour démarrer l'examen.

* le Bloc-notes s'ouvrira avec le résultat de l'analyse.

Copier-coller le rapport dans la prochaine réponse.

 

Note : Le rapport peut aussi être trouvé sur le Bureau sous le nom SystemLook.txt

 

Plus d'informations sur la version complète de cet outil.

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Il ne nécessite aucune installation.

- Il peut être lancé depuis n'importe quelle unité de disque.

- Il peut être lancé d'une clé USB.

 

Cliquez sur letournevis

Dans la fenêtre qui s'ouvre, cochez tout.

Clic sur la Loupe pour lancer le scan

Au bout d'un moment ,vous aurez à accepter Sysinternal->I agree

Postez en le rapport qui apparait en cliquant l'appareil photo.

Modifié le 9 février 2010 par pear

[jeanmi22]

Voila le rapport fait avec ZHP Diag

 

 

 

Rapport de ZHPDiag v1.25.115 par Nicolas Coolman

Run by JeanMichel at 09/02/2010 15:05:24

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

 

---\\ Web Browser

MSIE: Internet Explorer v7.0.6000.16681

MFIE: Mozilla Firefox (3.5.7)

 

---\\ System Information

Platform : Windows Vista Ultimate (6.0.6000)

Processor: x86 Family 15 Model 31 Stepping 0, AuthenticAMD

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1022 MB (38% free)

System drive C: has 10 GB (29%) free of 35 GB

 

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 35 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 117 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 298 Go)

 

 

---\\ Processus lancés

[MD5.C1E17F8DF7524B454E57A0C887307403] - (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll

[MD5.7522597DD61F651A95A471D798E08304] - (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

[MD5.1BB128A09911A936E8EFC30C3F6C597C] - (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\Windows\system32\msconfig.exe

[MD5.9AD9E2FB2811123DA13DE84CC154AB77] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

[MD5.B98FFA8288EFAABC436C30D198608345] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

[MD5.CE6892CF204645111347E008CC8C99DB] - (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

[MD5.FEDB6110D3E0A7EFE6996F93CD8C48E7] - (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe

[MD5.2F0F0E6AA6F5874E13E792996077138B] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

[MD5.33E5A8FC8EB0EE42478F8538D0215D8F] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

[MD5.3103FE27C967675B019E880AA6DA3D6D] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.20EF9002CFF89C4C1077E4415EC7297B] - (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[MD5.582F3A0BA61D8F0D50C66B592808B6D6] - (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

[MD5.10DA15933D582D2FEDCF705EFE394B09] - (.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

[MD5.A1DCD30534835CB67733AD00175125A6] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe

 

 

---\\ Pages de recherche de Mozilla Firefox (M1)

M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\inspector@mozilla.org

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=explorer.exe rundll32.exe sojs.smo nlxyat

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15421&l=dis

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\system32\BhoECart.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\Windows\system32\msconfig.exe

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

O4 - HKLM\..\Run: [Nikon Transfer Monitor] . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe

O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - Global Startup: Adobe Gamma.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) -

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{49533BB6-86FF-41D0-84DF-E7867A12A4EB}: NameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{49533BB6-86FF-41D0-84DF-E7867A12A4EB}: NameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{49533BB6-86FF-41D0-84DF-E7867A12A4EB}: NameServer = 192.168.1.1

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r115.) -- C:\Windows\system32\Macromed\Flash\Flash9e.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ACDSee Gestionnaire de photos 2009 - (.ACD Systems International.)

O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.)

O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.)

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.)

O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..)

O42 - Logiciel: Adobe Reader 9.2 - Français - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.)

O42 - Logiciel: Advertising Center - (.Nero AG.)

O42 - Logiciel: ArcSoft Panorama Maker 4 - (.ArcSoft.)

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.)

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.)

O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.)

O42 - Logiciel: CD-LabelPrint - (.Pas de propriétaire.)

O42 - Logiciel: Canon MP Navigator EX 1.0 - (.Pas de propriétaire.)

O42 - Logiciel: Canon MP610 series - (.Pas de propriétaire.)

O42 - Logiciel: Canon My Printer - (.Pas de propriétaire.)

O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.)

O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.)

O42 - Logiciel: DivX Codec - (.DivX, Inc..)

O42 - Logiciel: DivX Content Uploader - (.DivX, Inc..)

O42 - Logiciel: DivX Converter - (.DivX, Inc..)

O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..)

O42 - Logiciel: DivX Web Player - (.DivX,Inc..)

O42 - Logiciel: DolbyFiles - (.Nero AG.)

O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.)

O42 - Logiciel: Enregistrement utilisateur de Canon MP610 series - (.Pas de propriétaire.)

O42 - Logiciel: FLAC codecs - (.Shark007.)

O42 - Logiciel: File Uploader - (.Nikon.)

O42 - Logiciel: FormatFactory 2.20 - (.Free Time.)

O42 - Logiciel: Java 6 Update 11 - (.Sun Microsystems, Inc..)

O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.)

O42 - Logiciel: MediaInfo 0.7.25 - (.MediaArea.net.)

O42 - Logiciel: Menu Templates - Starter Kit - (.Nero AG.)

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.)

O42 - Logiciel: Mozilla Firefox (3.5.7) - (.Mozilla.)

O42 - Logiciel: Mozilla Thunderbird (2.0.0.23) - (.Mozilla.)

O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.)

O42 - Logiciel: Nero 9 - (.Nero AG.)

O42 - Logiciel: Nero 9 Trial - (.Nero AG.)

O42 - Logiciel: Nero BurnRights - (.Nero AG.)

O42 - Logiciel: Nero ControlCenter - (.Nero AG.)

O42 - Logiciel: Nero CoverDesigner - (.Nero AG.)

O42 - Logiciel: Nero Disc Copy Gadget - (.Nero AG.)

O42 - Logiciel: Nero DiscSpeed - (.Nero AG.)

O42 - Logiciel: Nero DriveSpeed - (.Nero AG.)

O42 - Logiciel: Nero InfoTool - (.Nero AG.)

O42 - Logiciel: Nero Installer - (.Nero AG.)

O42 - Logiciel: Nero StartSmart - (.Nero AG.)

O42 - Logiciel: NeroBurningROM - (.Nero AG.)

O42 - Logiciel: NeroExpress - (.Nero AG.)

O42 - Logiciel: Nikon Message Center - (.Nikon.)

O42 - Logiciel: Nikon Transfer - (.Nikon.)

O42 - Logiciel: Panda ActiveScan 2.0 - (.Panda Security.)

O42 - Logiciel: Picture Control Utility - (.Nikon.)

O42 - Logiciel: Realtek AC'97 Audio - (.Pas de propriétaire.)

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.)

O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.)

O42 - Logiciel: VCRedistSetup - (.Nero AG.)

O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.)

O42 - Logiciel: ViewNX - (.Nikon.)

O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.)

O42 - Logiciel: Vista Codec Package - (..)

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.)

O42 - Logiciel: jv16 PowerTools 2008 - (.Macecraft Software.)

O42 - Logiciel: neroxml - (.Nero AG.)

 

 

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\ACD Systems

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft

O43 - CFD:Common File Directory ----D- C:\Program Files\audible

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\Canon

O43 - CFD:Common File Directory --H-D- C:\Program Files\CanonBJ

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory --H-D- C:\Program Files\Creative Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\FreeTime

O43 - CFD:Common File Directory ----D- C:\Program Files\illiminable

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\jv16 PowerTools 2008

O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys

O43 - CFD:Common File Directory ----D- C:\Program Files\MediaInfo

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon

O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD:Common File Directory ----D- C:\Program Files\SystemRequirementsLab

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Virtualis

O43 - CFD:Common File Directory ----D- C:\Program Files\VistaCodecPack

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ACD Systems

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\CANON

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nikon

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.340D65A8DE087849F499FEE1CF367D91] - 09/02/2010 - 10:50:09 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat

O44 - LFC:[MD5.F3D29146C753FBF462BC4F56E60B6285] - 09/02/2010 - 10:11:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log

O44 - LFC:[MD5.B69FF7F12F18F8D7F0203180D67F58CA] - 08/02/2010 - 20:58:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI

O44 - LFC:[MD5.D5C8E27380DF18AF117EE576BE9D0C45] - 08/02/2010 - 20:58:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat

O44 - LFC:[MD5.17171D673C682929FD19A78FAB02519D] - 08/02/2010 - 20:58:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat

O44 - LFC:[MD5.56D3396313F4FC40E3975B0E5F4C7721] - 08/02/2010 - 20:58:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat

O44 - LFC:[MD5.CE93BB4FE685B8CD511D705BDF826130] - 08/02/2010 - 20:58:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat

O44 - LFC:[MD5.83C24804237B8E5A6B181072D030A297] - 08/02/2010 - 20:50:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT

O44 - LFC:[MD5.42EEBB52D969559F2BDFF848A1BE4FFF] - 08/02/2010 - 20:45:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt

O44 - LFC:[MD5.4E933899609FED370E64B0124B3FD26F] - 08/02/2010 - 17:11:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\sojs.smo

O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 31/01/2010 - 15:41:10 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\QTFont.qfn

 

 

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 07/02/2010 - 10:26:38 ---A- C:\Windows\Prefetch\ACRORD32.EXE-157C97D7.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 17:11:20 ---A- C:\Windows\Prefetch\PDFUPD.EXE-0FF301C2.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 17:11:33 ---A- C:\Windows\Prefetch\SVCHOST.EXE-3C438846.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 17:47:10 ---A- C:\Windows\Prefetch\AVGNT.EXE-C4FB88B7.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 17:50:43 ---A- C:\Windows\Prefetch\UTILMAN.EXE-6DAF08F5.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:02:10 ---A- C:\Windows\Prefetch\SVCHOST.EXE-F59CA9BD.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:10:49 ---A- C:\Windows\Prefetch\SDMAIN.EXE-7806F371.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:11:07 ---A- C:\Windows\Prefetch\CONIME.EXE-B273009A.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:11:07 ---A- C:\Windows\Prefetch\SPYBOTSD.EXE-8CD4E785.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:11:57 ---A- C:\Windows\Prefetch\JV16PT.EXE-DBCE49BB.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:19:34 ---A- C:\Windows\Prefetch\CCLEANER.EXE-CC440CDB.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:19:55 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-7BF4CE40.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:20:00 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-908418F6.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:22:53 ---A- C:\Windows\Prefetch\CLEANMGR.EXE-B508FB28.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:22:54 ---A- C:\Windows\Prefetch\OSE.EXE-3816C9F4.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:24:16 ---A- C:\Windows\Prefetch\AVSCAN.EXE-1FDA38F3.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:31:23 ---A- C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:31:24 ---A- C:\Windows\Prefetch\WUDFHOST.EXE-81420B07.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:31:26 ---A- C:\Windows\Prefetch\WMPLAYER.EXE-9DE758AE.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 18:47:35 ---A- C:\Windows\Prefetch\AVNOTIFY.EXE-4291C867.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 19:38:23 ---A- C:\Windows\Prefetch\LOGON.SCR-7C80CA1C.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 19:39:33 ---A- C:\Windows\Prefetch\WERCON.EXE-FE5CD389.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 19:39:33 ---A- C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 19:41:41 ---A- C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:32:59 ---A- C:\Windows\Prefetch\Layout.ini

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:33:49 ---A- C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3209987205-3523951919-2384301513-1000.snp.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:33:51 ---A- C:\Windows\Prefetch\SMSS.EXE-1DCD0EB1.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:34:00 ---A- C:\Windows\Prefetch\CSRSS.EXE-8C04D631.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:34:02 ---A- C:\Windows\Prefetch\WINLOGON.EXE-8163EECC.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:34:05 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-247B150A.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:35:23 ---A- C:\Windows\Prefetch\AgCx_SC3_A9F4BB8F.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:37:31 ---A- C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3209987205-3523951919-2384301513-1000.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:37:31 ---A- C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3209987205-3523951919-2384301513-1000.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:41:28 ---A- C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\ATBROKER.EXE-FF58B71D.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\AVGUARD.EXE-E68E3831.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\DWM.EXE-AEABE78B.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\NBSERVICE.EXE-723B4EB5.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-CE557EE2.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:51:49 ---A- C:\Windows\Prefetch\USERINIT.EXE-F39AB672.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:52:39 ---A- C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:52:42 ---A- C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:56:01 ---A- C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:56:42 ---A- C:\Windows\Prefetch\AVWSC.EXE-877F4F63.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:57:31 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-3FCBF927.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:57:48 ---A- C:\Windows\Prefetch\FIREFOX.EXE-E60C0AA7.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:58:36 ---A- C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 20:58:37 ---A- C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:02:16 ---A- C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:02:26 ---A- C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:02:56 ---A- C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:03:24 ---A- C:\Windows\Prefetch\MSCONFIG.EXE-0B9585D9.pf

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:06:08 ---A- C:\Windows\Prefetch\AgGlFaultHistory.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:06:08 ---A- C:\Windows\Prefetch\AgGlFgAppHistory.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:06:08 ---A- C:\Windows\Prefetch\AgGlGlobalHistory.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:06:08 ---A- C:\Windows\Prefetch\AgRobust.db

O45 - LFCP:Last File Created Prefetch 08/02/2010 - 21:06:08 ---A- C:\Windows\Prefetch\PfSvPerfStats.bin

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 17:05:18 ---A- C:\Windows\Prefetch\EMULE.EXE-89BBDF8E.pf

O45 - LFCP:Last File Created Prefetch 30/01/2010 - 14:30:55 ---A- C:\Windows\Prefetch\SDFILES.EXE-BE929387.pf

O45 - LFCP:Last File Created Prefetch 30/01/2010 - 23:09:17 ---A- C:\Windows\Prefetch\DIVXCODECVERSIONCHECKER.EXE-89CBEECF.pf

O45 - LFCP:Last File Created Prefetch 31/01/2010 - 15:31:30 ---A- C:\Windows\Prefetch\DEVDETECT.EXE-A1BE8815.pf

O45 - LFCP:Last File Created Prefetch 31/01/2010 - 15:44:07 ---A- C:\Windows\Prefetch\DIVXSM.EXE-D77E8EF2.pf

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll

O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm

O52 - TDSD: \Drivers32\"VIDC.ACDV"="ACDV.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.7.0 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll

O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\Windows\System32\vorbis.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm

O52 - TDSD: \drivers.desc\"ACDV.dll"="ACDV 1.0" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.9A6AA923F00D368C8AD3BD7485D5CDCA] - 18/05/2005 - 17:50:30 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\Windows\system32\drivers\ALCXWDM.SYS

O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.9AFA62DB7F553A0F1F52C70B738B0064] - 19/01/2007 - 00:03:24 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 22:22:16 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys

O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys

O58 - SDL:[MD5.69D60D2ECD43D0F9F3ACCC16926E9128] - 02/05/2008 - 22:46:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.) -- C:\Windows\system32\drivers\nvlddmkm.sys

O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm60x32.sys

O58 - SDL:[MD5.D668632606D1CEBF0B6EC64C1DF7ED6F] - 18/11/2007 - 03:39:50 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmfdx32.sys

O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.3ADB8BD6154A3EF87496E8FCE9C22493] - 30/06/2009 - 09:37:16 ---A- . (.Panda Security, S.L. - Panda Boot Driver.) -- C:\Windows\system32\drivers\pavboot.sys

O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.CD85DD531C2FC085108AEBC047072476] - 02/03/2007 - 12:19:42 ---A- . (.PARADOX - Release Build v1.00.) -- C:\Windows\system32\drivers\royal.sys

O58 - SDL:[MD5.75D32999D2711F8A5CA49FFD0CBB9ABB] - 25/03/2008 - 20:15:30 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\Windows\system32\drivers\RTKVAC.SYS

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys

O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 13/07/2009 - 21:59:08 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

O58 - SDL:[MD5.2F9806B52CB3748B1E49222744B28E3C] - 24/11/2008 - 12:03:21 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\Windows\system32\PCANDIS5.sys

 

 

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 06/02/2010 - 12:22:13 ----- C:\Users\JeanMichel\Mes images\Jardin_2010\Piments_2010\05Février2010\DSCN0474.JPG

O61 - LFC:Last File Created 06/02/2010 - 12:22:14 ----- C:\Users\JeanMichel\Mes images\Jardin_2010\Piments_2010\05Février2010\DSCN0475.JPG

O61 - LFC:Last File Created 06/02/2010 - 12:22:16 ----- C:\Users\JeanMichel\Mes images\Jardin_2010\Piments_2010\05Février2010\DSCN0476.JPG

O61 - LFC:Last File Created 06/02/2010 - 12:23:02 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Piments_2010\05Février2010\DSCN0477.jpg

O61 - LFC:Last File Created 06/02/2010 - 12:23:24 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Piments_2010\05Février2010\DSCN0478.jpg

O61 - LFC:Last File Created 06/02/2010 - 16:21:29 R--A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\[Fichiers originaux]\Pdt_2.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:21:32 R--A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\[Fichiers originaux]\Choux_dedans.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:21:34 R--A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\[Fichiers originaux]\Les_Radis.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:21:37 R--A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\[Fichiers originaux]\Choux_dehors.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:21:39 R--A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\[Fichiers originaux]\Pdt_1.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:24:41 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\Pdt_1.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:24:44 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\Choux_dedans.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:24:46 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\Les_Radis.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:24:49 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\Choux_dehors.JPG

O61 - LFC:Last File Created 06/02/2010 - 16:25:46 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Le_Potager_2010\philippe\Pdt_2.JPG

O61 - LFC:Last File Created 06/02/2010 - 17:11:34 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\Piments_2010\noel-fetes-36_16_26.gif

O61 - LFC:Last File Created 06/02/2010 - 17:53:36 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Récent\Bibliothèque.lnk

O61 - LFC:Last File Created 06/02/2010 - 17:53:36 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Récent\EUROTOOL.XLA.lnk

O61 - LFC:Last File Created 06/02/2010 - 17:53:36 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Récent\Jardin_2010.lnk

O61 - LFC:Last File Created 06/02/2010 - 17:53:36 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Récent\La Liste 2010 de Graines de Jeanmi22.xls.lnk

O61 - LFC:Last File Created 06/02/2010 - 17:53:36 --H-- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Récent\index.dat

O61 - LFC:Last File Created 06/02/2010 - 18:01:06 ---A- C:\Users\JeanMichel\Mes images\Jardin_2010\La Liste 2010 de Graines de Jeanmi22.xls

O61 - LFC:Last File Created 06/02/2010 - 18:01:10 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Excel\Excel11.xlb

O61 - LFC:Last File Created 06/02/2010 - 18:01:10 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Excel11.pip

O61 - LFC:Last File Created 06/02/2010 - 23:34:40 ---A- C:\Users\JeanMichel\Mes images\Ballade\Ballade du 05Février2010\DSCN0459.jpg

O61 - LFC:Last File Created 06/02/2010 - 23:34:53 ---A- C:\Users\JeanMichel\Mes images\Ballade\Ballade du 05Février2010\DSCN0458.jpg

O61 - LFC:Last File Created 06/02/2010 - 23:34:55 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\AssetExif.dbf

O61 - LFC:Last File Created 06/02/2010 - 23:34:55 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\AssetExif.fpt

O61 - LFC:Last File Created 06/02/2010 - 23:34:55 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\ExifImage.dbf

O61 - LFC:Last File Created 06/02/2010 - 23:34:55 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\ExifImage.fpt

O61 - LFC:Last File Created 06/02/2010 - 23:34:55 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\MakerNikon.dbf

O61 - LFC:Last File Created 06/02/2010 - 23:34:55 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\MakerNikon.fpt

O61 - LFC:Last File Created 06/02/2010 - 23:38:44 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\AssetExif.cdx

O61 - LFC:Last File Created 06/02/2010 - 23:38:44 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\ExifImage.cdx

O61 - LFC:Last File Created 06/02/2010 - 23:38:44 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\MakerNikon.cdx

O61 - LFC:Last File Created 07/02/2010 - 10:26:55 ---A- C:\Users\JeanMichel\AppData\Roaming\Adobe\Acrobat\9.0\TMDocs.sav

O61 - LFC:Last File Created 07/02/2010 - 10:26:55 ---A- C:\Users\JeanMichel\AppData\Roaming\Adobe\Acrobat\9.0\TMGrpPrm.sav

O61 - LFC:Last File Created 07/02/2010 - 10:35:55 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\downloads.rdf

O61 - LFC:Last File Created 07/02/2010 - 17:16:56 ---A- C:\Users\JeanMichel\Downloads\Diag\ZHPDiag.exe

O61 - LFC:Last File Created 07/02/2010 - 22:57:37 ---A- C:\Users\JeanMichel\AppData\Roaming\dvdcss\CACHEDIR.TAG

O61 - LFC:Last File Created 07/02/2010 - 23:30:00 --HA- C:\Users\JeanMichel\AppData\Local\IconCache.db

O61 - LFC:Last File Created 08/02/2010 - 12:02:28 ----- C:\Users\JeanMichel\AppData\Local\Temp\jar_cache4051988211725275064.tmp

O61 - LFC:Last File Created 08/02/2010 - 15:58:05 R--A- C:\Users\JeanMichel\AppData\Local\Temp\050321242b07346bdfd6f6e836591bc9.PDF

O61 - LFC:Last File Created 08/02/2010 - 15:58:31 ---A- C:\Users\JeanMichel\AppData\Roaming\Adobe\Acrobat\9.0\JavaScripts\glob.js

O61 - LFC:Last File Created 08/02/2010 - 15:58:31 ---A- C:\Users\JeanMichel\AppData\Roaming\Adobe\Acrobat\9.0\JavaScripts\glob.settings.js

O61 - LFC:Last File Created 08/02/2010 - 17:02:53 ---A- C:\Users\JeanMichel\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

O61 - LFC:Last File Created 08/02/2010 - 17:10:51 ---A- C:\Users\JeanMichel\AppData\Local\Temp\plugtmp-2\plugin-all.pdf

O61 - LFC:Last File Created 08/02/2010 - 17:10:51 ---A- C:\Users\JeanMichel\AppData\Local\Temp\plugtmp-2\plugin-newplayer.pdf

O61 - LFC:Last File Created 08/02/2010 - 17:11:10 ---A- C:\Users\JeanMichel\AppData\Local\Temp\262E.tmp

O61 - LFC:Last File Created 08/02/2010 - 17:11:23 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\VB11.pip

O61 - LFC:Last File Created 08/02/2010 - 17:11:23 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\Office\Word11.pip

O61 - LFC:Last File Created 08/02/2010 - 17:47:24 ---A- C:\Users\JeanMichel\AppData\Local\Temp\WER914C.tmp.version.txt

O61 - LFC:Last File Created 08/02/2010 - 17:58:04 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\FolderRoot.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:58:57 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Asset.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:58:57 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Thumb2.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:58:57 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Thumb2.fpt

O61 - LFC:Last File Created 08/02/2010 - 17:59:17 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Folder.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Asset.cdx

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\FileType.cdx

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\FileType.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Folder.cdx

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\JoinAssetTypeFileType.cdx

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\JoinAssetTypeFileType.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\JoinFieldSetFileType.cdx

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\JoinFieldSetFileType.dbf

O61 - LFC:Last File Created 08/02/2010 - 17:59:27 ---A- C:\Users\JeanMichel\AppData\Local\ACD Systems\Catalogs\110\Default\Thumb2.cdx

O61 - LFC:Last File Created 08/02/2010 - 22:22:50 ---A- C:\Users\JeanMichel\AppData\Roaming\Microsoft\MMC\eventvwr

O61 - LFC:Last File Created 08/02/2010 - 22:23:41 ---A- C:\Users\JeanMichel\AppData\Local\Temp\java_install_reg.log

O61 - LFC:Last File Created 08/02/2010 - 23:38:04 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.wanadoo.fr\popstate.dat

O61 - LFC:Last File Created 08/02/2010 - 23:38:15 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\cert8.db

O61 - LFC:Last File Created 08/02/2010 - 23:38:15 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\key3.db

O61 - LFC:Last File Created 08/02/2010 - 23:38:15 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\prefs.js

O61 - LFC:Last File Created 08/02/2010 - 23:38:15 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\virtualFolders.dat

O61 - LFC:Last File Created 08/02/2010 - 23:41:55 ---A- C:\Users\JeanMichel\AppData\Local\Temp\JeanMichel.bmp

O61 - LFC:Last File Created 08/02/2010 - 23:47:48 ---A- C:\Users\JeanMichel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

O61 - LFC:Last File Created 09/02/2010 - 11:17:59 ---A- C:\Users\JeanMichel\AppData\Roaming\Talkback\MozillaOrg\Thunderbird2\Win32\2009081210\permdata.box

O61 - LFC:Last File Created 09/02/2010 - 11:20:00 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Login.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:00 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Drafts.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:00 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Unsent Messages.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:05 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.wanadoo.fr\Trash.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:06 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.orange.fr\Inbox.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:07 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.orange.fr\Trash.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:08 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.orange-1.fr\Inbox.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:09 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.orange-1.fr\Trash.msf

O61 - LFC:Last File Created 09/02/2010 - 11:23:15 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.wanadoo.fr\Inbox.msf

O61 - LFC:Last File Created 09/02/2010 - 11:24:06 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Trash.msf

O61 - LFC:Last File Created 09/02/2010 - 11:24:59 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Trash

O61 - LFC:Last File Created 09/02/2010 - 11:28:33 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\localstore.rdf

O61 - LFC:Last File Created 09/02/2010 - 11:28:35 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Login

O61 - LFC:Last File Created 09/02/2010 - 11:28:36 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Sent

O61 - LFC:Last File Created 09/02/2010 - 11:28:36 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Sent.msf

O61 - LFC:Last File Created 09/02/2010 - 11:28:37 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\abook.mab

O61 - LFC:Last File Created 09/02/2010 - 12:00:28 ---A- C:\Users\JeanMichel\Downloads\activescan2_fr.exe

O61 - LFC:Last File Created 09/02/2010 - 12:02:45 ---A- C:\Users\JeanMichel\AppData\Local\Temp\PSSysChk.log

O61 - LFC:Last File Created 09/02/2010 - 12:17:59 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\blocklist.xml

O61 - LFC:Last File Created 09/02/2010 - 13:04:36 ---A- C:\Users\JeanMichel\AppData\Local\Temp\stadistic.log

O61 - LFC:Last File Created 09/02/2010 - 14:28:02 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Inbox

O61 - LFC:Last File Created 09/02/2010 - 14:28:02 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\Local Folders\Inbox.msf

O61 - LFC:Last File Created 09/02/2010 - 14:58:01 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\Mail\pop.orange.fr\popstate.dat

O61 - LFC:Last File Created 09/02/2010 - 14:59:02 ---A- C:\Users\JeanMichel\AppData\Roaming\Thunderbird\Profiles\jdteyv47.default\panacea.dat

O61 - LFC:Last File Created 09/02/2010 - 15:02:50 ---A- C:\Users\JeanMichel\Downloads\Diag\ZHPDiag.zip

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: - (.not file.) - RkPavproc1 (RkPavproc1) .(.Pas de propriétaire - Pas de description.) - LEGACY_RKPAVPROC1

O64 - Services: - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

 

 

 

End of the scan (592 lines in 03mn 19s)

 

Je fais l'autre tout de suite. Merci.

[jeanmi22]

Et voila la suite avec systemlook.

 

J'ai l'impression que le noeud du problème est là. Mais c'est pas moi l'expert.

 

SystemLook v1.0 by jpshortstuff (11.01.10)

Log created at 15:17 on 09/02/2010 by JeanMichel (Administrator - Elevation successful)

 

========== reg ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

(Unable to open key - key not found)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

(Unable to open key - key not found)

 

-=End Of File=-

 

 

Ps : je viens de m'apercevoir que je n'ai plus le son non plus.

Modifié le 9 février 2010 par jeanmi22

[pear]

Bonsoir,

 

 

Surpris de la réponse de systemlook. ces clés existent surement.

Vous êtes certain de n'avoir pas fait d'erreur ?

 

 

Téléchargez les logiciels suivants pour les lancer l'un après l'autre.

 

Télécharger load_tdsskiller de Loup Blanc sur le Bureau

Cet outil est conçu pour automatiser différentes tâches proposées par TDSSKiller, un fix de Kaspersky.

• Lancer load_tdsskiller en double-cliquant dessus :
  l'outil va se connecter au Net pour télécharger une copie à jour de TDSSKiller et lancer le scan
  
• Un message dans la fenêtre noire d'invite de commande vous demandera d'appuyer sur une touche pour continuer
  
• Le rapport s'affichera automatiquement : copier-coller son contenu dans la prochaine réponse
  (le fichier est également présent ici : C:\tdsskiller\report.txt)
  
• Redémarrer le PC
  

 

rkill.comTélécharger Rkill de Grinler sur le bureau,

double clic pour le lancer.

Sous Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur"

Une fenêtre (très rapide) indiquera que tout s'est bien déroulé.

Pour Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

il y aura 'un rapport là: %SystemDrive%\rkill.log

donnant la liste de tous les processus arrêtés.

 

Téléchargez MBAM

 

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Vous devez désactiver vos protections et ne savez pas comment faire

 

Sur Bleeping Computers en Anglais:

 

Sur PCA,En Français

* Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

* Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation à MBAM de se connecter, acceptez.

* Une fois la mise à jour terminée, allez dans l'onglet Recherche.

* Sélectionnez "Exécuter un examen complet"

* Cliquez sur "Rechercher"

* .L' analyse prendra un certain temps, soyez patient !

* A la fin , un message affichera :

L'examen s'est terminé normalement.

 

*Si MBAM n'a rien trouvé, il le dira aussi.

Cliquez sur "Ok" pour poursuivre.

*Fermez les navigateurs.

Cliquez sur Afficher les résultats .

 

*Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

* Copiez-collez ce rapport dans la prochaine réponse.

[jeanmi22]

Voici le résultat avec tdsskiller.

 

18:50:56:381 1468 TDSS rootkit removing tool 2.2.3 Feb 4 2010 14:34:00

18:50:56:381 1468 ================================================================================

18:50:56:382 1468 SystemInfo:

 

18:50:56:382 1468 OS Version: 6.0.6000 ServicePack: 0.0

18:50:56:382 1468 Product type: Workstation

18:50:56:382 1468 ComputerName: PCDEJEANMICHEL

18:50:56:382 1468 UserName: JeanMichel

18:50:56:382 1468 Windows directory: C:\Windows

18:50:56:382 1468 Processor architecture: Intel x86

18:50:56:382 1468 Number of processors: 1

18:50:56:382 1468 Page size: 0x1000

18:50:56:382 1468 Boot type: Normal boot

18:50:56:382 1468 ================================================================================

18:50:56:386 1468 UnloadDriverW: NtUnloadDriver error 2

18:50:56:387 1468 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2

18:50:56:387 1468 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\drivers\klmd.sys) returned status 00000000

18:51:04:074 1468 UtilityInit: KLMD drop and load success

18:51:04:074 1468 KLMD_OpenDevice: Trying to open KLMD Device(KLMD201010)

18:51:04:074 1468 UtilityInit: KLMD open success

18:51:04:074 1468 UtilityInit: Initialize success

18:51:04:074 1468

18:51:04:075 1468 Scanning Services ...

18:51:04:075 1468 CreateRegParser: Registry parser init started

18:51:04:075 1468 CreateRegParser: DisableWow64Redirection error

18:51:04:075 1468 wfopen_ex: Trying to open file C:\Windows\system32\config\system

18:51:04:076 1468 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\config\system) returned status C0000043

18:51:04:076 1468 wfopen_ex: MyNtCreateFileW error 32 (C0000043)

18:51:04:076 1468 wfopen_ex: Trying to KLMD file open

18:51:04:076 1468 KLMD_CreateFileW: Trying to open file C:\Windows\system32\config\system

18:51:04:076 1468 wfopen_ex: File opened ok (Flags 2)

18:51:04:089 1468 CreateRegParser: HIVE_ADAPTER(C:\Windows\system32\config\system) init success: 1EA1338

18:51:04:089 1468 wfopen_ex: Trying to open file C:\Windows\system32\config\software

18:51:04:089 1468 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\config\software) returned status C0000043

18:51:04:089 1468 wfopen_ex: MyNtCreateFileW error 32 (C0000043)

18:51:04:089 1468 wfopen_ex: Trying to KLMD file open

18:51:04:089 1468 KLMD_CreateFileW: Trying to open file C:\Windows\system32\config\software

18:51:04:089 1468 wfopen_ex: File opened ok (Flags 2)

18:51:04:089 1468 CreateRegParser: HIVE_ADAPTER(C:\Windows\system32\config\software) init success: 1EA1360

18:51:04:089 1468 CreateRegParser: EnableWow64Redirection error

18:51:04:089 1468 CreateRegParser: RegParser init completed

18:51:04:721 1468 GetAdvancedServicesInfo: Raw services enum returned 404 services

18:51:04:725 1468 fclose_ex: Trying to close file C:\Windows\system32\config\system

18:51:04:726 1468 fclose_ex: Trying to close file C:\Windows\system32\config\software

18:51:04:726 1468

18:51:04:727 1468 Scanning Kernel memory ...

18:51:04:727 1468 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk

18:51:04:727 1468 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 83CE9F38

18:51:04:727 1468 DetectCureTDL3: KLMD_GetDeviceObjectList returned 3 DevObjects

18:51:04:727 1468

18:51:04:727 1468 DetectCureTDL3: DEVICE_OBJECT: 8C7E7750

18:51:04:727 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8C7E7750

18:51:04:727 1468 DetectCureTDL3: DEVICE_OBJECT: 8DC0B7E0

18:51:04:727 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8DC0B7E0

18:51:04:727 1468 KLMD_ReadMem: Trying to ReadMemory 0x8DC0B7E0[0x38]

18:51:04:727 1468 DetectCureTDL3: DRIVER_OBJECT: 8DC0C030

18:51:04:727 1468 KLMD_ReadMem: Trying to ReadMemory 0x8DC0C030[0xA8]

18:51:04:728 1468 KLMD_ReadMem: Trying to ReadMemory 0x8C73B0D0[0x1E]

18:51:04:728 1468 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR

18:51:04:728 1468 DetectCureTDL3: IrpHandler (0) addr: 8973CB40

18:51:04:728 1468 DetectCureTDL3: IrpHandler (1) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (2) addr: 8973CBB8

18:51:04:728 1468 DetectCureTDL3: IrpHandler (3) addr: 8973CC30

18:51:04:728 1468 DetectCureTDL3: IrpHandler (4) addr: 8973CC30

18:51:04:728 1468 DetectCureTDL3: IrpHandler (5) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (6) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (7) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler ( addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (9) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (10) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (11) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (12) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (13) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (14) addr: 8973C828

18:51:04:728 1468 DetectCureTDL3: IrpHandler (15) addr: 897314AA

18:51:04:728 1468 DetectCureTDL3: IrpHandler (16) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (17) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (18) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (19) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (20) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (21) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (22) addr: 8973AF9A

18:51:04:728 1468 DetectCureTDL3: IrpHandler (23) addr: 897387A2

18:51:04:728 1468 DetectCureTDL3: IrpHandler (24) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (25) addr: 8181D1BD

18:51:04:728 1468 DetectCureTDL3: IrpHandler (26) addr: 8181D1BD

18:51:04:728 1468 KLMD_ReadMem: Trying to ReadMemory 0x89733A44[0x400]

18:51:04:728 1468 TDL3_StartIoHookDetect: CheckParameters: 4, 89737000, 0

18:51:04:728 1468 TDL3_FileDetect: Processing driver: USBSTOR

18:51:04:729 1468 TDL3_FileDetect: Processing driver file: C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:51:04:729 1468 KLMD_CreateFileW: Trying to open file C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:51:04:752 1468 TDL3_FileDetect: C:\Windows\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean

18:51:04:752 1468

18:51:04:752 1468 DetectCureTDL3: DEVICE_OBJECT: 8DCCA030

18:51:04:752 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8DCCA030

18:51:04:752 1468 DetectCureTDL3: DEVICE_OBJECT: 8C7FA500

18:51:04:752 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8C7FA500

18:51:04:752 1468 KLMD_ReadMem: Trying to ReadMemory 0x8C7FA500[0x38]

18:51:04:752 1468 DetectCureTDL3: DRIVER_OBJECT: 8DC0C030

18:51:04:752 1468 KLMD_ReadMem: Trying to ReadMemory 0x8DC0C030[0xA8]

18:51:04:752 1468 KLMD_ReadMem: Trying to ReadMemory 0x8C73B0D0[0x1E]

18:51:04:752 1468 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR

18:51:04:752 1468 DetectCureTDL3: IrpHandler (0) addr: 8973CB40

18:51:04:752 1468 DetectCureTDL3: IrpHandler (1) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (2) addr: 8973CBB8

18:51:04:752 1468 DetectCureTDL3: IrpHandler (3) addr: 8973CC30

18:51:04:752 1468 DetectCureTDL3: IrpHandler (4) addr: 8973CC30

18:51:04:752 1468 DetectCureTDL3: IrpHandler (5) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (6) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (7) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler ( addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (9) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (10) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (11) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (12) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (13) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (14) addr: 8973C828

18:51:04:752 1468 DetectCureTDL3: IrpHandler (15) addr: 897314AA

18:51:04:752 1468 DetectCureTDL3: IrpHandler (16) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (17) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (18) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (19) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (20) addr: 8181D1BD

18:51:04:752 1468 DetectCureTDL3: IrpHandler (21) addr: 8181D1BD

18:51:04:753 1468 DetectCureTDL3: IrpHandler (22) addr: 8973AF9A

18:51:04:753 1468 DetectCureTDL3: IrpHandler (23) addr: 897387A2

18:51:04:753 1468 DetectCureTDL3: IrpHandler (24) addr: 8181D1BD

18:51:04:753 1468 DetectCureTDL3: IrpHandler (25) addr: 8181D1BD

18:51:04:753 1468 DetectCureTDL3: IrpHandler (26) addr: 8181D1BD

18:51:04:753 1468 KLMD_ReadMem: Trying to ReadMemory 0x89733A44[0x400]

18:51:04:753 1468 TDL3_StartIoHookDetect: CheckParameters: 4, 89737000, 0

18:51:04:753 1468 TDL3_FileDetect: Processing driver: USBSTOR

18:51:04:753 1468 TDL3_FileDetect: Processing driver file: C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:51:04:753 1468 KLMD_CreateFileW: Trying to open file C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:51:04:755 1468 TDL3_FileDetect: C:\Windows\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean

18:51:04:755 1468

18:51:04:755 1468 DetectCureTDL3: DEVICE_OBJECT: 83CE9410

18:51:04:755 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 83CE9410

18:51:04:755 1468 DetectCureTDL3: DEVICE_OBJECT: 83CE3338

18:51:04:755 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 83CE3338

18:51:04:755 1468 DetectCureTDL3: DEVICE_OBJECT: 8335ABB0

18:51:04:755 1468 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8335ABB0

18:51:04:755 1468 KLMD_ReadMem: Trying to ReadMemory 0x8335ABB0[0x38]

18:51:04:755 1468 DetectCureTDL3: DRIVER_OBJECT: 8335B030

18:51:04:755 1468 KLMD_ReadMem: Trying to ReadMemory 0x8335B030[0xA8]

18:51:04:755 1468 KLMD_ReadMem: Trying to ReadMemory 0x82F6E628[0x1A]

18:51:04:755 1468 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi

18:51:04:755 1468 DetectCureTDL3: IrpHandler (0) addr: 807AE0C2

18:51:04:755 1468 DetectCureTDL3: IrpHandler (1) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (2) addr: 807AE0C2

18:51:04:755 1468 DetectCureTDL3: IrpHandler (3) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (4) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (5) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (6) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (7) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler ( addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (9) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (10) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (11) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (12) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (13) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (14) addr: 8079C9F4

18:51:04:755 1468 DetectCureTDL3: IrpHandler (15) addr: 8079C9C6

18:51:04:755 1468 DetectCureTDL3: IrpHandler (16) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (17) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (18) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (19) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (20) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (21) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (22) addr: 8079CA22

18:51:04:755 1468 DetectCureTDL3: IrpHandler (23) addr: 807A9B36

18:51:04:755 1468 DetectCureTDL3: IrpHandler (24) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (25) addr: 8181D1BD

18:51:04:755 1468 DetectCureTDL3: IrpHandler (26) addr: 8181D1BD

18:51:04:755 1468 TDL3_FileDetect: Processing driver: atapi

18:51:04:755 1468 TDL3_FileDetect: Processing driver file: C:\Windows\system32\drivers\atapi.sys

18:51:04:755 1468 KLMD_CreateFileW: Trying to open file C:\Windows\system32\drivers\atapi.sys

18:51:04:763 1468 TDL3_FileDetect: C:\Windows\system32\drivers\atapi.sys - Verdict: Clean

18:51:04:763 1468

18:51:04:764 1468 Completed

18:51:04:764 1468

18:51:04:764 1468 Results:

18:51:04:765 1468 Memory objects infected / cured / cured on reboot: 0 / 0 / 0

18:51:04:765 1468 Registry objects infected / cured / cured on reboot: 0 / 0 / 0

18:51:04:765 1468 File objects infected / cured / cured on reboot: 0 / 0 / 0

18:51:04:766 1468

18:51:04:769 1468 MyNtCreateFileW: NtCreateFile(\??\C:\Windows\system32\drivers\klmd.sys) returned status 00000000

18:51:04:769 1468 UtilityDeinit: KLMD(ARK) unloaded successfully

 

 

Encore merci pour ta patience

[jeanmi22]

Avec Rkill

 

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as JeanMichel on 09/02/2010 at 18:58:52.

 

 

Processes terminated by Rkill or while it was running:

 

 

C:\Windows\System32\rundll32.exe

C:\Users\JeanMichel\Desktop\rkill.com

 

 

Rkill completed on 09/02/2010 at 18:58:53.

[jeanmi22]

Merci pour les conseils, J'ai formaté le dd, et j'en ai profité pour réinstaller mon vieil XP. çà marche nickel.