antimalware doctor

migg · le 29 août 2010

Bonjour a tous

Voici mon probleme:

Un programme (antimalware doctor) c'est je ne sais trop comment, installer par lui meme sur ma machine :-? Et impossible de le désinstaller...

apres recherche sur le forum je vois qu'un rapport TDSSKILLER est demandé mais apres la réponse vari. j'ai donc fait le rapport que je copi ci-bas. pour la suite j'attendrai vos précieux conseils.

En vous remerciant d'avance.

2010/08/29 10:44:51.0643 TDSS rootkit removing tool 2.4.1.3 Aug 27 2010 08:53:42

2010/08/29 10:44:51.0643 ================================================================================

2010/08/29 10:44:51.0643 SystemInfo:

2010/08/29 10:44:51.0643

2010/08/29 10:44:51.0643 OS Version: 5.1.2600 ServicePack: 3.0

2010/08/29 10:44:51.0643 Product type: Workstation

2010/08/29 10:44:51.0643 ComputerName: INSERTECH144756

2010/08/29 10:44:51.0643 UserName: Client

2010/08/29 10:44:51.0643 Windows directory: C:\WINDOWS

2010/08/29 10:44:51.0643 System windows directory: C:\WINDOWS

2010/08/29 10:44:51.0643 Processor architecture: Intel x86

2010/08/29 10:44:51.0643 Number of processors: 1

2010/08/29 10:44:51.0643 Page size: 0x1000

2010/08/29 10:44:51.0643 Boot type: Normal boot

2010/08/29 10:44:51.0643 ================================================================================

2010/08/29 10:44:52.0284 Initialize success

2010/08/29 10:45:20.0995 ================================================================================

2010/08/29 10:45:20.0995 Scan started

2010/08/29 10:45:20.0995 Mode: Manual;

2010/08/29 10:45:20.0995 ================================================================================

2010/08/29 10:45:21.0175 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

2010/08/29 10:45:21.0276 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2010/08/29 10:45:21.0386 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys

2010/08/29 10:45:21.0486 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

2010/08/29 10:45:21.0616 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2010/08/29 10:45:21.0746 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2010/08/29 10:45:21.0866 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

2010/08/29 10:45:22.0007 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

2010/08/29 10:45:22.0127 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

2010/08/29 10:45:22.0237 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

2010/08/29 10:45:22.0357 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

2010/08/29 10:45:22.0627 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

2010/08/29 10:45:22.0878 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

2010/08/29 10:45:22.0998 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

2010/08/29 10:45:23.0118 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

2010/08/29 10:45:23.0218 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

2010/08/29 10:45:23.0328 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

2010/08/29 10:45:23.0439 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

2010/08/29 10:45:23.0539 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

2010/08/29 10:45:23.0669 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2010/08/29 10:45:23.0769 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2010/08/29 10:45:23.0889 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2010/08/29 10:45:24.0040 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2010/08/29 10:45:24.0180 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys

2010/08/29 10:45:24.0260 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

2010/08/29 10:45:24.0370 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\WINDOWS\system32\DRIVERS\avipbb.sys

2010/08/29 10:45:24.0490 b57w2k (e470738b601a7fbb1e1c34cec8355f5d) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

2010/08/29 10:45:24.0600 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2010/08/29 10:45:24.0710 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

2010/08/29 10:45:24.0811 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2010/08/29 10:45:24.0901 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

2010/08/29 10:45:25.0001 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2010/08/29 10:45:25.0111 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2010/08/29 10:45:25.0241 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2010/08/29 10:45:25.0401 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

2010/08/29 10:45:25.0492 CmdIde (e3726ad522d0bdae090671048c991ab3) C:\WINDOWS\system32\DRIVERS\cmdide.sys

2010/08/29 10:45:25.0602 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

2010/08/29 10:45:25.0722 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

2010/08/29 10:45:25.0832 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

2010/08/29 10:45:25.0932 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

2010/08/29 10:45:26.0072 DefragFS (292e9ec82df08cbdd1cc51d963f38248) C:\WINDOWS\system32\drivers\DefragFS.sys

2010/08/29 10:45:26.0193 DELTA (1779697d1392d8d0a3297b20168e25d8) C:\WINDOWS\system32\DRIVERS\delta.sys

2010/08/29 10:45:26.0333 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2010/08/29 10:45:26.0463 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys

2010/08/29 10:45:26.0633 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys

2010/08/29 10:45:26.0743 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2010/08/29 10:45:26.0854 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2010/08/29 10:45:26.0974 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

2010/08/29 10:45:27.0094 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2010/08/29 10:45:27.0224 E1000 (9dcf8770a06b1e12100c9b06ede3d45b) C:\WINDOWS\system32\DRIVERS\e1000325.sys

2010/08/29 10:45:27.0374 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2010/08/29 10:45:27.0515 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

2010/08/29 10:45:27.0615 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys

2010/08/29 10:45:27.0715 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2010/08/29 10:45:27.0805 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

2010/08/29 10:45:27.0935 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2010/08/29 10:45:28.0045 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2010/08/29 10:45:28.0165 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2010/08/29 10:45:28.0286 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2010/08/29 10:45:28.0406 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

2010/08/29 10:45:28.0516 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2010/08/29 10:45:28.0636 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

2010/08/29 10:45:28.0746 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

2010/08/29 10:45:28.0866 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2010/08/29 10:45:29.0127 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

2010/08/29 10:45:29.0447 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2010/08/29 10:45:29.0557 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

2010/08/29 10:45:29.0668 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys

2010/08/29 10:45:29.0778 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2010/08/29 10:45:29.0948 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

2010/08/29 10:45:30.0078 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2010/08/29 10:45:30.0208 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2010/08/29 10:45:30.0309 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2010/08/29 10:45:30.0439 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2010/08/29 10:45:30.0549 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2010/08/29 10:45:30.0669 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2010/08/29 10:45:30.0869 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2010/08/29 10:45:30.0979 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2010/08/29 10:45:31.0120 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2010/08/29 10:45:31.0250 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2010/08/29 10:45:31.0440 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2010/08/29 10:45:31.0550 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys

2010/08/29 10:45:31.0650 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2010/08/29 10:45:31.0761 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2010/08/29 10:45:31.0901 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2010/08/29 10:45:32.0011 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

2010/08/29 10:45:32.0121 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2010/08/29 10:45:32.0241 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2010/08/29 10:45:32.0381 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2010/08/29 10:45:32.0492 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2010/08/29 10:45:32.0592 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2010/08/29 10:45:32.0692 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2010/08/29 10:45:32.0802 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2010/08/29 10:45:32.0932 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2010/08/29 10:45:33.0062 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2010/08/29 10:45:33.0163 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2010/08/29 10:45:33.0263 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2010/08/29 10:45:33.0383 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2010/08/29 10:45:33.0493 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

2010/08/29 10:45:33.0603 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2010/08/29 10:45:33.0703 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2010/08/29 10:45:33.0874 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2010/08/29 10:45:33.0994 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2010/08/29 10:45:34.0184 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2010/08/29 10:45:34.0294 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2010/08/29 10:45:34.0404 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2010/08/29 10:45:34.0545 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys

2010/08/29 10:45:34.0655 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2010/08/29 10:45:34.0775 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys

2010/08/29 10:45:34.0895 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys

2010/08/29 10:45:35.0045 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys

2010/08/29 10:45:35.0166 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys

2010/08/29 10:45:35.0266 PCnet (7bc8027d56fab153a987c56ae9835664) C:\WINDOWS\system32\DRIVERS\pcntpci5.sys

2010/08/29 10:45:35.0376 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys

2010/08/29 10:45:35.0636 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

2010/08/29 10:45:35.0736 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

2010/08/29 10:45:35.0887 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2010/08/29 10:45:35.0987 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2010/08/29 10:45:36.0067 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2010/08/29 10:45:36.0177 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

2010/08/29 10:45:36.0287 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

2010/08/29 10:45:36.0387 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

2010/08/29 10:45:36.0497 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

2010/08/29 10:45:36.0588 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

2010/08/29 10:45:36.0698 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2010/08/29 10:45:36.0808 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2010/08/29 10:45:36.0938 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2010/08/29 10:45:37.0048 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2010/08/29 10:45:37.0158 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2010/08/29 10:45:37.0279 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2010/08/29 10:45:37.0389 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2010/08/29 10:45:37.0519 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2010/08/29 10:45:37.0629 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys

2010/08/29 10:45:37.0769 SBKUPNT (729248b54aff21e740054acebfdbcb1c) C:\WINDOWS\system32\Drivers\SBKUPNT.SYS

2010/08/29 10:45:37.0879 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2010/08/29 10:45:38.0040 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys

2010/08/29 10:45:38.0220 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2010/08/29 10:45:38.0310 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys

2010/08/29 10:45:38.0440 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

2010/08/29 10:45:38.0580 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

2010/08/29 10:45:38.0701 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys

2010/08/29 10:45:38.0781 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

2010/08/29 10:45:38.0891 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2010/08/29 10:45:39.0021 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys

2010/08/29 10:45:39.0021 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

2010/08/29 10:45:39.0031 sptd - detected Locked file (1)

2010/08/29 10:45:39.0101 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys

2010/08/29 10:45:39.0201 Srv (da852e3e0bf1cea75d756f9866241e57) C:\WINDOWS\system32\DRIVERS\srv.sys

2010/08/29 10:45:39.0352 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

2010/08/29 10:45:39.0472 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2010/08/29 10:45:39.0572 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2010/08/29 10:45:39.0692 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

2010/08/29 10:45:39.0792 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

2010/08/29 10:45:39.0922 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

2010/08/29 10:45:40.0033 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

2010/08/29 10:45:40.0133 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2010/08/29 10:45:40.0263 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2010/08/29 10:45:40.0403 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2010/08/29 10:45:40.0493 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2010/08/29 10:45:40.0593 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2010/08/29 10:45:40.0723 TosIde (b411668322c3bf4e690888706b999679) C:\WINDOWS\system32\DRIVERS\toside.sys

2010/08/29 10:45:40.0874 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys

2010/08/29 10:45:40.0984 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2010/08/29 10:45:41.0104 UimBus (a25e0481da469c3af6ad18c1534b874c) C:\WINDOWS\system32\DRIVERS\UimBus.sys

2010/08/29 10:45:41.0214 Uim_IM (ec2ede874e0eb50a509269676cf5f4bd) C:\WINDOWS\system32\Drivers\Uim_IM.sys

2010/08/29 10:45:41.0374 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

2010/08/29 10:45:41.0495 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2010/08/29 10:45:41.0645 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

2010/08/29 10:45:41.0735 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2010/08/29 10:45:41.0865 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2010/08/29 10:45:41.0995 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2010/08/29 10:45:42.0105 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2010/08/29 10:45:42.0226 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2010/08/29 10:45:42.0356 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2010/08/29 10:45:42.0466 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2010/08/29 10:45:42.0586 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2010/08/29 10:45:42.0696 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

2010/08/29 10:45:42.0806 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

2010/08/29 10:45:42.0927 viamraid (00046aa2e396edc2238556e740a8e5af) C:\WINDOWS\system32\DRIVERS\viamraid.sys

2010/08/29 10:45:42.0977 vmscsi (82132036ee4d3e8aa3e73feebe1a9741) C:\WINDOWS\system32\DRIVERS\vmscsi.sys

2010/08/29 10:45:43.0097 vmx_svga (9075157d60fa6dfb26927390a8e9c76f) C:\WINDOWS\system32\DRIVERS\vmx_svga.sys

2010/08/29 10:45:43.0207 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys

2010/08/29 10:45:43.0347 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2010/08/29 10:45:43.0507 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2010/08/29 10:45:43.0648 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2010/08/29 10:45:43.0778 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2010/08/29 10:45:43.0888 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2010/08/29 10:45:43.0978 ================================================================================

2010/08/29 10:45:43.0978 Scan finished

2010/08/29 10:45:43.0978 ================================================================================

2010/08/29 10:45:43.0998 Detected object count: 1

2010/08/29 10:46:12.0649 Locked file(sptd) - User select action: Skip

Florinator · le 30 août 2010

Bonjour Migg

Ce genre de procédures sont spécifiques aux machines concernées, il ne fait pas trop bon de reproduire les aides sans avis.

On va regarder où se cache ce rogue:

Télécharge ZHPDiag crée par Nicolas Coolman

Enregistre le sur ton bureau
Double clique sur l'icône
Suis les instructions à l'ecran
Clique sur pour lancer l'analyse
Clique sur pour copier le rapport
Puis colle le dans ta prochaine réponses
Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

A++

migg · le 30 août 2010

Un gros merci Florinator pour ton temps

et ton aide si précieux !!!

Alors voici mon rapport:

Rapport de ZHPDiag v1.26.551 par Nicolas Coolman, Update du 24/08/2010

Run by Client at 2010-08-30 13:50:26

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v7.0.5730.13

MFIE: Mozilla Firefox (3.6.

---\\ System Information

Platform : Microsoft Windows XP (5.1.2600) Service Pack 3

Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 502 MB (19% free)

System drive C: has 22 GB (59%) free of 37 GB

---\\ Logged in mode

Computer Name: INSERTECH144756

User Name: Client

All Users Names: SUPPORT_388945a0, HelpAssistant, Client, Administrateur,

Unselected Option: O1,O45,O61,O65,O82

Logged in as Administrator

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 22 Go of 37 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

G:\ Hard drive, Flash drive, Thumb drive (Free 359 Go of 466 Go)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.2F95BEF56AEEEB45DE55EC44668E2695] - (.Pas de propriétaire - PIXMA Extended Servey Program Service.) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [97432]

[MD5.39133291CB607BDD87CFC565A4A1E7A5] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.2AAE889742376EDC5C3203DFB74F28FD] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864]

[MD5.6ABB7315658F35E448207B0CE69025BC] - (.Raxco Software, Inc. - PDAgent Module.) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [939272]

[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920]

[MD5.ABE2B9D3764F98DBFF4149BB79DC1D7E] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1051968]

[MD5.4775579D1AE9C881A6F2F7739858E7CD] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\VIA\RAID\vialogsv.exe [52888]

[MD5.B5838B97235014D5378B80ED05D4EF30] - (.Raxco Software, Inc. - PDEngine Module.) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1033480]

[MD5.DC54087C94CF3358EE51881C1705D7CC] - (.Raxco Software, Inc. - PDAgentS1 Module.) -- C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe [66824]

[MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]

[MD5.642FA80C2C43EE609313746AA305DC86] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808]

[MD5.2909211E5E07C293BD723A38F1A80183] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [546816]

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll

P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0009.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16248.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.17080 (vista_gdr.100616-0452)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Pas de propriétaire - Pas de description.) -- F:\Spybot - Search & Destroy\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [DeltTray] . (.Doug Fetter Software Wizardry - M Audio Delta Control Panel Interface Syste.) -- C:\Windows\System32\DeltTray.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [mediafix70700en02.exe] . (.MS - Pas de description.) -- C:\Documents and Settings\Client\Application Data\7951D3054DEEB7640455FC70B85FFB7E\mediafix70700en02.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-2449773342-3706409554-1314213189-1003\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-2449773342-3706409554-1314213189-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-2449773342-3706409554-1314213189-1003\..\Run: [mediafix70700en02.exe] . (.MS - Pas de description.) -- C:\Documents and Settings\Client\Application Data\7951D3054DEEB7640455FC70B85FFB7E\mediafix70700en02.exe

O4 - Global Startup: Adobe Gamma Loader.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Antimalware Doctor.lnk . (.MS - Pas de description.) -- C:\Documents and Settings\Client\Application Data\7951D3054DEEB7640455FC70B85FFB7E\mediafix70700en02.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CS1\Services\Tcpip\..\{2CEEDC86-059C-4D7D-9026-C14DF693E1D3}: NameServer = 64.235.193.5 64.235.193.6

O17 - HKLM\System\CCS\Services\Tcpip\..\{B4A6ACE7-E20F-4A07-B8BA-22A0C772EFEB}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS2\Services\Tcpip\..\{B4A6ACE7-E20F-4A07-B8BA-22A0C772EFEB}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CS3\Services\Tcpip\..\{B4A6ACE7-E20F-4A07-B8BA-22A0C772EFEB}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - PIXMA Extended Servey Program Service.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: PDAgent (PDAgent) . (.Raxco Software, Inc. - PDAgent Module.) - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe

O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

O23 - Service: VRAID Log Service (VRAID Log Service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\VIA\RAID\vialogsv.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r22.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

O41 - Driver: Universal Image Mounter Controller (UimBus) . (.Windows ® 2000 DDK provider - Image Mounter SCSI Port Driver.) - C:\Windows\system32\DRIVERS\UimBus.sys

O41 - Driver: UIM Drive Backup Image Plugin (Uim_IM) . (.Paragon - Image Mounter.) - C:\Windows\system32\Drivers\Uim_IM.sys

O41 - Driver: avgio (avgio) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: ALZip - (.ESTsoft Corp..) [HKLM] -- ALZip

O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Antimalware Doctor - (.Pas de propriétaire.) [HKCU] -- Antimalware Doctor

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Canon MP Navigator EX 1.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 1.0

O42 - Logiciel: Canon MX310 series - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series

O42 - Logiciel: Canon My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter

O42 - Logiciel: DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.0 - (.Fengtao Software Inc..) [HKLM] -- DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5

O42 - Logiciel: FairUse Wizard 2 - (.FairUse Wizard.) [HKLM] -- FairUse Wizard 2

O42 - Logiciel: Foxit PDF IFilter - (.Foxit Software.) [HKLM] -- {4448ABF6-786D-4C3D-A49D-7BB237E6DD17}

O42 - Logiciel: Foxit Reader - (.Foxit Software.) [HKLM] -- {E52C258D-DCF6-411B-B690-06DAC5009F37}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}

O42 - Logiciel: K-Lite Codec Pack 4.7.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack

O42 - Logiciel: LAME v3.98.2 for Audacity - (.Pas de propriétaire.) [HKLM] -- LAME for Audacity

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: Live Media Plugin (Todae) - (.Todae.fr.) [HKLM] -- Live Media

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {72AD53CC-CCC0-3757-8480-9EE176866A7C}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {0BD83598-C2EF-3343-847B-7D2E84599128}

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Mozilla Firefox (3.6. - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.

O42 - Logiciel: MétéoÉclair - (.Pas de propriétaire.) [HKCU] -- MétéoÉclair

O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM] -- {891D0B03-05DF-4CD1-B267-268FDA1C1036}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PIXMA Extended Survey Program - (.Pas de propriétaire.) [HKLM] -- CANONIJPLM100

O42 - Logiciel: PerfectDisk 10 Professional - (.Raxco Software Inc..) [HKLM] -- {7B738CD9-D107-48C7-8E65-2E6639A39C8D}

O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5857EE21-03D0-482E-9620-5A30B314A2AE}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E8766951-2B6C-4022-86E8-80D2D1762B76}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB980376) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{48113C06-9BA2-4D54-A731-D1D2C5B3144A}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7E9103DA-253F-41FF-9E83-7C83806C77DA}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: SoulSeek 157 NS 13e - (.Pas de propriétaire.) [HKLM] -- Soulseek2

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: TuneUp Utilities - (.TuneUp Software.) [HKLM] -- TuneUp Utilities

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2279264) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}

O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}

O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows PowerShell 1.0 - (.Microsoft Corporation.) [HKLM] -- KB926140-v5

O42 - Logiciel: ffdshow (remove only) - (.Pas de propriétaire.) [HKLM] -- ffdshow

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKCU] -- uTorrent

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AC1]

[HKCU\Software\ASProtect]

[HKCU\Software\Acronis]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\Analog Devices]

[HKCU\Software\Antimalware Doctor Inc]

[HKCU\Software\Applications WinDev]

[HKCU\Software\Audacity]

[HKCU\Software\AudioComp]

[HKCU\Software\AudioComparer]

[HKCU\Software\Avira]

[HKCU\Software\BitTorrent]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CoreVorbis]

[HKCU\Software\Cyberlink]

[HKCU\Software\DT Soft]

[HKCU\Software\DVDFab]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\ESTsoft]

[HKCU\Software\Essential Data Tools]

[HKCU\Software\FUW]

[HKCU\Software\FairUse Wizard 2]

[HKCU\Software\FairUseW]

[HKCU\Software\Foxit Software]

[HKCU\Software\GNU]

[HKCU\Software\GSpot Appliance Corp]

[HKCU\Software\Gabest]

[HKCU\Software\Guy]

[HKCU\Software\Haali]

[HKCU\Software\IM Providers]

[HKCU\Software\Image-Line]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\KC Softwares]

[HKCU\Software\Last.fm]

[HKCU\Software\M-Audio]

[HKCU\Software\MDO]

[HKCU\Software\MMTWN]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaChance]

[HKCU\Software\MediaInfo]

[HKCU\Software\Mindscape]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Opendisc]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Raxco]

[HKCU\Software\SWISSKNIFE]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SecuROM]

[HKCU\Software\SoftVoice]

[HKCU\Software\SoulSeek]

[HKCU\Software\Soulseek2]

[HKCU\Software\Steinberg]

[HKCU\Software\TCP Optimizer]

[HKCU\Software\TechSmith]

[HKCU\Software\Todae]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\Unlimited Possibilities]

[HKCU\Software\VCMU]

[HKCU\Software\VSO]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\Winamp]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\mozilla.org]

[HKLM\Software\781]

[HKLM\Software\ASIO]

[HKLM\Software\Adobe Systems]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Analog Devices]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Audible]

[HKLM\Software\Avira]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Cyberlink]

[HKLM\Software\DT Soft]

[HKLM\Software\DVDFab]

[HKLM\Software\DivXNetworks]

[HKLM\Software\ESTsoft]

[HKLM\Software\Essential Data Tools]

[HKLM\Software\FLAC]

[HKLM\Software\FairUse Wizard]

[HKLM\Software\GNU]

[HKLM\Software\Gabest]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\Guy]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Image-Line]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KCSoftware]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Lame for Audacity]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Mindscape]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\NeroDigital]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\Outsim]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Propellerhead Software]

[HKLM\Software\Raxco]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\S3R521]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\SoftVoice]

[HKLM\Software\Steinberg]

[HKLM\Software\SuperMp3Editor]

[HKLM\Software\The Learning Company]

[HKLM\Software\Todae]

[HKLM\Software\Trolltech]

[HKLM\Software\TuneUp]

[HKLM\Software\VIA Raid Lib]

[HKLM\Software\VIA Technologies, Inc]

[HKLM\Software\VSO]

[HKLM\Software\VST]

[HKLM\Software\Videotron]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Analog Devices

O43 - CFD:Common File Directory ----D- C:\Program Files\Atari

O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\Canon

O43 - CFD:Common File Directory --H-D- C:\Program Files\CanonBJ

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications

O43 - CFD:Common File Directory ----D- C:\Program Files\DMV

O43 - CFD:Common File Directory ----D- C:\Program Files\DVDFab 5

O43 - CFD:Common File Directory ----D- C:\Program Files\ESTsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\FairUse Wizard 2

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Jeu_Oie

O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD:Common File Directory ----D- C:\Program Files\Lame for Audacity

O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\NOS

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\Outsim

O43 - CFD:Common File Directory ----D- C:\Program Files\Paragon Software

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- C:\Program Files\Raxco

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek AC97

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne

O43 - CFD:Common File Directory ----D- C:\Program Files\SoulseekNS

O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD:Common File Directory ----D- C:\Program Files\Steinberg

O43 - CFD:Common File Directory ----D- C:\Program Files\Syncrosoft

O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts

O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2010

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent

O43 - CFD:Common File Directory ----D- C:\Program Files\VIA

O43 - CFD:Common File Directory ----D- C:\Program Files\VstPlugins

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Desktop Search

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\CANON

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.FCE09CCCF78366FF72F69428FEA78041] - 2010-08-10 - 09:41:55 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\WINDOWS\System32\uxtuneup.dll [30016]

O44 - LFC:[MD5.78657D3581639D5EA2FA03F6C4E9C628] - 2010-08-12 - 13:48:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1108862]

O44 - LFC:[MD5.7B45A8704C784D420139AB02295A5C42] - 2010-08-12 - 13:48:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [71060]

O44 - LFC:[MD5.8B81CD57E4569F501353212F9891AE31] - 2010-08-12 - 13:48:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [93408]

O44 - LFC:[MD5.7C9AA5D87B9EC7D7B373B19AA3B6D9E9] - 2010-08-12 - 13:48:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [441124]

O44 - LFC:[MD5.71B1D3B87ABF11A7CBC295987A2E104D] - 2010-08-12 - 13:48:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [532828]

O44 - LFC:[MD5.14B92C5AA5171C7B5EABCD18BC1E9623] - 2010-08-12 - 13:54:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [327504]

O44 - LFC:[MD5.DBD528B7A58307B3BCDE59C47DD4D885] - 2010-08-27 - 03:35:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupact.log [41]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2010-08-27 - 03:35:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setuperr.log [0]

O44 - LFC:[MD5.5F9BC356BA52B6387B3BC28737949198] - 2010-08-27 - 03:35:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [12425]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-08-27 - 04:00:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32574]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 2010-08-27 - 04:01:40 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-08-27 - 04:01:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2010-08-27 - 04:02:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.22BB5977EB204BF28D9415DDB018E340] - 2010-08-27 - 04:02:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [12598]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-08-28 - 07:18:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [539]

O44 - LFC:[MD5.935882BCC21275303C6FEA4969ACE26F] - 2010-08-28 - 16:59:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\srun.log [12]

O44 - LFC:[MD5.90D9CC4CE7621068AC9FAAB2B3F8898D] - 2010-08-28 - 17:29:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\zrpt.xml [5]

O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 2010-08-29 - 09:19:13 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 2010-08-29 - 09:19:19 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.9A92AAF2A85F1676CD46EDDD621D688E] - 2010-08-29 - 09:26:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wmsetup.log [2424]

O44 - LFC:[MD5.59F0AAF91955F96DB63EFA5BD872B3C5] - 2010-08-29 - 14:41:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.4.1.3_29.08.2010_10.44.51_log.txt [46770]

O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 2010-08-30 - 07:44:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [69]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-08-30 - 11:39:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1189102]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\Program Files\SoulseekNS\slsk.exe" [Enabled] .(.Pas de propriétaire - SoulSeek.) -- C:\Program Files\SoulseekNS\slsk.exe

O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{c0891398-ee84-11de-a88c-00123f5f7d82}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\DPFMate.exe (.not file.)

O51 - MPSK:{d34a19ad-bdbc-11de-a873-00123f5f7d82}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- explorer.exe "https://www.ikeymedia.com/exterio/Ikm2160129.aspx?bbbb=1a71c193-1787-4cf0-a5ea-2bae00c1179e&dddd=ded7bf8a-9511-44c7-b842-2b9700949cf7&eeee=4 (.not file.)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\divx.dll

O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll

O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\System32\lameACM.acm

O52 - TDSD: \Drivers32\"VIDC.FFDS"="C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll

O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.5" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.1" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\System32\tsccvid.dll

O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm

O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \drivers.desc\"yv12vfw.dll"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\System32\yv12vfw.dll

O52 - TDSD: \drivers.desc\"C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax"="ffdshow Video Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe

O53 - SMSR:HKLM\...\startupreg\filehippo.com [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\filehippo.com\UpdateChecker.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.DD8520280304B6145A6BE31008748C7C] - 2008-09-24 - 09:40:22 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS

O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 2001-08-17 - 20:51:56 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys

O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 2008-04-13 - 13:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\AMDAGP.SYS

O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 2001-08-17 - 20:52:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys

O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 2001-08-17 - 20:51:58 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys

O58 - SDL:[MD5.D649C57DA6FA762C64013747E5D7D2D6] - 2004-08-03 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\ati1btxx.sys

O58 - SDL:[MD5.60B6AA2DC1521DA343F781B70EB7895A] - 2004-08-03 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1mdxx.sys

O58 - SDL:[MD5.6FDC61E8E8E17F6ECC2D9A10FA8DF347] - 2004-08-03 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\drivers\ati1pdxx.sys

O58 - SDL:[MD5.9D318099BF3876A4AF4BC75966D27603] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\ati1raxx.sys

O58 - SDL:[MD5.BCAF267B10620F8C93F6E87AB726E145] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1rvxx.sys

O58 - SDL:[MD5.DAC7D785CF62F5BD41441E9D6F5A6EFE] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1snxx.sys

O58 - SDL:[MD5.F7706DAE7D101F1B19CE552D772EBFCE] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\ati1ttxx.sys

O58 - SDL:[MD5.6F714B4720DD80FFA9F8D2731594EA4C] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1tuxx.sys

O58 - SDL:[MD5.67FFBC158DD4D27BA3FC92C6ACD87F73] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xbxx.sys

O58 - SDL:[MD5.0D8CAB1F08F7D3C4DE228B49E12E596A] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\ati1xsxx.sys

O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 2004-08-04 - 23:38:42 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys

O58 - SDL:[MD5.417352592432F5368A8296F7FB73BECF] - 2004-08-04 - 23:38:44 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 2004-08-03 - 21:29:28 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys

O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 2004-08-03 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys

O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 2004-08-03 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys

O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 2004-08-03 - 21:29:30 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys

O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys

O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys

O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys

O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys

O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys

O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 2004-08-03 - 21:29:32 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 2009-02-13 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 2009-12-10 - 14:11:58 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 2009-02-13 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 2009-03-30 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys

O58 - SDL:[MD5.E470738B601A7FBB1E1C34CEC8355F5D] - 2007-10-22 - 03:24:14 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver..) -- C:\WINDOWS\system32\drivers\b57xp32.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 2004-08-05 - 07:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.B53F9635457B56DCFFEF750E18AEC6CB] - 2005-10-23 - 23:00:00 ---A- . (.Team H2O - Team H2O CLEDX DevWhore.) -- C:\WINDOWS\system32\drivers\cledx.sys

O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 2001-08-23 - 16:04:44 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 2004-08-05 - 07:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 2001-08-17 - 20:52:16 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys

O58 - SDL:[MD5.292E9EC82DF08CBDD1CC51D963F38248] - 2009-08-20 - 11:11:30 ---A- . (.Raxco Software, Inc. - Defragmentation Support Driver.) -- C:\WINDOWS\system32\drivers\DefragFs.sys

O58 - SDL:[MD5.1779697D1392D8D0A3297B20168E25D8] - 2005-10-06 - 07:31:54 ---A- . (.Midiman/M-Audio - M-Audio Delta Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\delta.sys

O58 - SDL:[MD5.9DCF8770A06B1E12100C9B06EDE3D45B] - 2007-11-07 - 05:27:58 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver.) -- C:\WINDOWS\system32\drivers\e1000325.sys

O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 2008-04-13 - 11:36:05 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys

O58 - SDL:[MD5.9E05F872290E5595AFD4871CDEE550A3] - 2008-08-25 - 15:48:18 ---A- . (.Paragon Software Group - A part of Paragon System Utilities.) -- C:\WINDOWS\system32\drivers\hotcore3.sys

O58 - SDL:[MD5.970178E8E003EB1481293830069624B9] - 2004-08-03 - 21:41:48 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\hsfbs2s2.sys

O58 - SDL:[MD5.1225EBEA76AAC3C84DF6C54FE5E5D8BE] - 2004-08-03 - 21:41:50 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\hsfcxts2.sys

O58 - SDL:[MD5.EBB354438A4C5A3327FB97306260714A] - 2004-08-03 - 21:41:56 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\hsfdpsp2.sys

O58 - SDL:[MD5.44B7D5A4F2BD9FE21AEA0BB0BACE38C4] - 2005-06-21 - 11:12:34 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys

O58 - SDL:[MD5.0F68E2EC713F132FFB19E45415B09679] - 2007-12-19 - 04:32:12 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 2010-04-29 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 2010-04-29 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.195741AEE20369980796B557358CD774] - 2004-08-03 - 21:41:56 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys

O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 2001-08-17 - 20:52:12 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys

O58 - SDL:[MD5.C53775780148884AC87C455489A0C070] - 2004-08-03 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys

O58 - SDL:[MD5.54886A652BF5685192141DF304E923FD] - 2004-08-03 - 21:41:38 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\mtlstrm.sys

O58 - SDL:[MD5.6DDA78A0BE692B61B668FAB860F276CF] - 2004-08-03 - 21:29:38 ---A- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\drivers\mtxparhm.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 2004-08-05 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.576B34CEAE5B7E5D9FD2775E93B3DB53] - 2004-08-03 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys

O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 2004-08-03 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys

O58 - SDL:[MD5.7BC8027D56FAB153A987C56AE9835664] - 2001-08-17 - 15:11:22 ---A- . (.AMD Inc. - NDIS 5.0 driver.) -- C:\WINDOWS\system32\drivers\pcntpci5.sys

O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 2009-12-23 - 07:30:17 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 2004-08-05 - 07:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 2001-08-17 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys

O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 2001-08-17 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys

O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 2001-08-17 - 20:52:18 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys

O58 - SDL:[MD5.E9AAA0092D74A9D371659C4C38882E12] - 2004-08-03 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\recagent.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 2004-08-05 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 2004-08-05 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 2004-08-03 - 21:29:52 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys

O58 - SDL:[MD5.729248B54AFF21E740054ACEBFDBCB1C] - 2001-07-13 - 12:56:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2008-04-13 - 11:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.B9C7617C1E8AB6FDFF75D3C8DAFCB4C8] - 2006-08-15 - 10:48:00 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver.) -- C:\WINDOWS\system32\drivers\senfilt.sys

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 2008-04-13 - 13:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\SISAGP.SYS

O58 - SDL:[MD5.D9673011648A71ED1E1F77B831BC85E6] - 2004-08-03 - 21:41:42 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnt7554.sys

O58 - SDL:[MD5.2C1779C0FEB1F4A6033600305EBA623A] - 2004-08-03 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slntamr.sys

O58 - SDL:[MD5.F9B8E30E82EE95CF3E1D3E495599B99C] - 2004-08-03 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slnthal.sys

O58 - SDL:[MD5.DB56BB2C55723815CF549D7FC50CFCEB] - 2004-08-03 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\drivers\slwdmsup.sys

O58 - SDL:[MD5.C6D9959E493682F872A639B6EC1B4A08] - 2006-08-15 - 10:48:00 ---A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\drivers\smwdm.sys

O58 - SDL:[MD5.E78C98378A071CE4D48A7C514FA98FA1] - 2009-06-23 - 13:40:47 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\WINDOWS\system32\drivers\snapman.sys

O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 2001-08-17 - 21:07:44 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys

O58 - SDL:[MD5.00000000000000000000000000000000] - 2009-03-19 - 08:50:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\sptd.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 2009-07-13 - 06:41:01 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 2001-08-17 - 21:07:34 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys

O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 2001-08-17 - 21:07:36 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 2001-08-17 - 21:07:40 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 2001-08-17 - 21:07:42 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.85557234B421D99C87D46E57248793F0] - 2002-11-25 - 04:46:16 ---A- . (.Syncrosoft GmbH - SynasUSB.sys.) -- C:\WINDOWS\system32\drivers\synasUSB.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 2004-08-05 - 07:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.A25E0481DA469C3AF6AD18C1534B874C] - 2008-09-26 - 16:06:24 ---A- . (.Windows ® 2000 DDK provider - Image Mounter SCSI Port Driver.) -- C:\WINDOWS\system32\drivers\UimBus.sys

O58 - SDL:[MD5.D0CA9DF8529653B65B8B75827D04C1CB] - 2008-09-26 - 16:06:24 ---A- . (.Paragon - Image Mounter File I/O.) -- C:\WINDOWS\system32\drivers\UimFIO.sys

O58 - SDL:[MD5.EC2EDE874E0EB50A509269676CF5F4BD] - 2008-09-26 - 16:06:24 ---A- . (.Paragon - Image Mounter.) -- C:\WINDOWS\system32\drivers\Uim_IM.sys

O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 2001-08-17 - 20:52:22 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 2004-08-05 - 07:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.00046AA2E396EDC2238556E740A8E5AF] - 2008-07-09 - 19:19:02 ---A- . (.VIA Technologies inc,.ltd - VIA AHCI RAID DRIVER FOR WIN XP/SRV2003.) -- C:\WINDOWS\system32\drivers\viamraid.sys

O58 - SDL:[MD5.82132036EE4D3E8AA3E73FEEBE1A9741] - 2007-05-09 - 05:13:00 ---A- . (.VMware, Inc. - VMware SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\vmscsi.sys

O58 - SDL:[MD5.9075157D60FA6DFB26927390A8E9C76F] - 2007-05-01 - 21:21:46 ---A- . (.VMware, Inc. - VMware SVGA II Miniport.) -- C:\WINDOWS\system32\drivers\vmx_svga.sys

O58 - SDL:[MD5.0308AEF61941E4AF478FA1A0F83812F5] - 2004-08-03 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv07nt.sys

O58 - SDL:[MD5.714038A8AA5DE08E12062202CD7EAEB5] - 2004-08-03 - 21:29:40 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv08nt.sys

O58 - SDL:[MD5.7BB3AA595E4507A788DE1CDC63F4C8C4] - 2004-08-03 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv09nt.sys

O58 - SDL:[MD5.36E6C405B6143D09687F4056FD9A0D10] - 2004-08-03 - 21:29:42 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\wadv11nt.sys

O58 - SDL:[MD5.352FA0E98BC461CE1CE5D41F64DB558D] - 2004-08-03 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv06nt.sys

O58 - SDL:[MD5.791CC45DE6E50445BE72E8AD6401FF45] - 2004-08-03 - 21:29:46 ---A- . (.Intel® Corporation - Digital Display Minidriver for Intel® Graphics Driver.) -- C:\WINDOWS\system32\drivers\watv10nt.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 2004-08-05 - 07:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ABP480N5.sys - abp480n5 (abp480n5) .(.Microsoft Corporation - AdvanSys SCSI Controller Driver.) - LEGACY_ABP480N5

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Pas de propriétaire - System Level Service Utilty.) - LEGACY_ADOBE_LM_SERVICE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\adpu160m.sys - adpu160m (adpu160m) .(.Microsoft Corporation - Adaptec Ultra160 SCSI miniport.) - LEGACY_ADPU160M

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\agp440.sys - Filtre de bus AGP Intel (agp440) .(.Microsoft Corporation - 440 NT AGP Filter.) - LEGACY_AGP440

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\agpCPQ.sys - Filtre de bus AGP Compaq (agpCPQ) .(.Microsoft Corporation - CompatNT AGP Filter.) - LEGACY_AGPCPQ

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\aha154x.sys - Aha154x (Aha154x) .(.Microsoft Corporation - Adaptec AHA-154x series SCSI miniport.) - LEGACY_AHA154X

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\aic78u2.sys - aic78u2 (aic78u2) .(.Microsoft Corporation - Adaptec Ultra2 SCSI miniport.) - LEGACY_AIC78U2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\aic78xx.sys - aic78xx (aic78xx) .(.Microsoft Corporation - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX

O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\aliide.sys - AliIde (AliIde) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\alim1541.sys - Filtre de bus AGP ALI (alim1541) .(.Microsoft Corporation - ALi M1541 NT AGP Filter.) - LEGACY_ALIM1541

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\amdagp.sys - Pilote de filtre du bus AMD AGP (amdagp) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\amsint.sys - amsint (amsint) .(.Microsoft Corporation - AMD SCSI/NET Controller.) - LEGACY_AMSINT

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\asc.sys - asc (asc) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\asc3350p.sys - asc3350p (asc3350p) .(.Microsoft Corporation - AdvanSys SCSI Card Driver.) - LEGACY_ASC3350P

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\asc3550.sys - asc3550 (asc3550) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - (.not file.) - BioNT_BS (BioNT_BS) .(.Pas de propriétaire - Pas de description.) - LEGACY_BIONT_BS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cbidf2k.sys - cbidf (cbidf) .(.Microsoft Corporation - CardBus/PCMCIA IDE Miniport Driver.) - LEGACY_CBIDF

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cd20xrnt.sys - cd20xrnt (cd20xrnt) .(.Microsoft Corporation - IBM Portable CD-ROM Drive Miniport.) - LEGACY_CD20XRNT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS

O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cmdide.sys - CmdIde (CmdIde) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE

O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe - Application système COM+ (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cpqarray.sys - Cpqarray (Cpqarray) .(.Microsoft Corporation - Compaq Drive Array Controllers SCSI Minipor.) - LEGACY_CPQARRAY

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\dac2w2k.sys - dac2w2k (dac2w2k) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\dac960nt.sys - dac960nt (dac960nt) .(.Microsoft Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC960NT

O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k DcomLaunch (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - (.not file.) - DefragFS (DefragFS) .(.Pas de propriétaire - Pas de description.) - LEGACY_DEFRAGFS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP

O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - C:\Windows\system32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - C:\Windows\system32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\dpti2o.sys - dpti2o (dpti2o) .(.Microsoft Corporation - DPT SmartRAID miniport.) - LEGACY_DPTI2O

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR

O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - getPlus® Helper (getPlusHelper) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_GETPLUSHELPER

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\HOTCORE3.sys - Hotcore helper (hotcore3) .(.Pas de propriétaire - Pas de description.) - LEGACY_HOTCORE3

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\hpn.sys - hpn (hpn) .(.Microsoft Corporation - NetRAID-4M Miniport Driver.) - LEGACY_HPN

O64 - Services: CurCS - C:\Windows\system32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\I2OMGMT.sys - i2omgmt (i2omgmt) .(.Pas de propriétaire - Pas de description.) - LEGACY_I2OMGMT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\i2omp.sys - i2omp (i2omp) .(.Microsoft Corporation - I2O Miniport Driver.) - LEGACY_I2OMP

O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - Windows CardSpace (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC

O64 - Services: CurCS - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe - PIXMA Extended Survey Program (IJPLMSVC) .(.Pas de propriétaire - PIXMA Extended Servey Program Service.) - LEGACY_IJPLMSVC

O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ini910u.sys - ini910u (ini910u) .(.Microsoft Corporation - INITIO ini910u SCSI miniport.) - LEGACY_INI910U

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\intelide.sys - IntelIde (IntelIde) .(.Microsoft Corporation - Pilote IDE Intel PCI.) - LEGACY_INTELIDE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC

O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - (.not file.) - klmd24 (klmd24) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMD24

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD

O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mraid35x.sys - mraid35x (mraid35x) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe - Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) .(.Nero AG - Nero BackItUp.) - LEGACY_NERO_BACKITUP_SCHEDULER_3

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe - NMIndexingService (NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Stockage amovible (NtmsSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NTMSSVC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM

O64 - Services: CurCS - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe - PDAgent (PDAgent) .(.Raxco Software, Inc. - PDAgent Module.) - LEGACY_PDAGENT

O64 - Services: CurCS - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe - PDEngine (PDEngine) .(.Raxco Software, Inc. - PDEngine Module.) - LEGACY_PDENGINE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\perc2.sys - perc2 (perc2) .(.Microsoft Corporation - PERC 2 Miniport Driver.) - LEGACY_PERC2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\perc2hib.sys - perc2hib (perc2hib) .(.Microsoft Corporation - PERC 2 Hibernate Driver.) - LEGACY_PERC2HIB

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ql1080.sys - ql1080 (ql1080) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ql10wnt.sys - Ql10wnt (Ql10wnt) .(.Microsoft Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL10WNT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ql12160.sys - ql12160 (ql12160) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ql1240.sys - ql1240 (ql1240) .(.Microsoft Corporation - QLogic ISP PCI Adapters.) - LEGACY_QL1240

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ql1280.sys - ql1280 (ql1280) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\RDPWD.sys - RDPWD (RDPWD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPWD

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Accès à distance au Registre (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY

O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k rpcss (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - C:\WINDOWS\system32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SBKUPNT.sys - SBKUPNT (SBKUPNT) .(.Pas de propriétaire - Pas de description.) - LEGACY_SBKUPNT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sisagp.sys - Filtre de bus AGP SIS (sisagp) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sparrow.sys - Sparrow (Sparrow) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW

O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER

O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC

O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe - MS Software Shadow Copy Provider (SwPrv) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_SWPRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\symc810.sys - symc810 (symc810) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\symc8xx.sys - symc8xx (symc8xx) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sym_hi.sys - sym_hi (sym_hi) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\sym_u3.sys - sym_u3 (sym_u3) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\TDTCP.sys - TDTCP (TDTCP) .(.Pas de propriétaire - Pas de description.) - LEGACY_TDTCP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost -k DComLaunch (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\toside.sys - TosIde (TosIde) .(.Microsoft Corporation - Contrôleur IDE PCI Toshiba.) - LEGACY_TOSIDE

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS

O64 - Services: CurCS - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe - TuneUp Drive Defrag Service (TuneUp.Defrag) .(.TuneUp Software - TuneUp Drive Defrag-Dienst.) - LEGACY_TUNEUP.DEFRAG

O64 - Services: CurCS - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe - TuneUp Utilities Service (TuneUp.UtilitiesSvc) .(.TuneUp Software - TuneUp Utilities Service.) - LEGACY_TUNEUP.UTILITIESSVC

O64 - Services: CurCS - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys - TuneUpUtilitiesDrv (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ultra.sys - ultra (ultra) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA

O64 - Services: CurCS - (.not file.) - UnlockerDriver5 (UnlockerDriver5) .(.Pas de propriétaire - Pas de description.) - LEGACY_UNLOCKERDRIVER5

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - TuneUp Extension de thème (UxTuneUp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UXTUNEUP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\viaagp.sys - Filtre de bus AGP VIA (viaagp) .(.Microsoft Corporation - VIA NT AGP Filter.) - LEGACY_VIAAGP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\viaide.sys - ViaIde (ViaIde) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\vmscsi.sys - vmscsi (vmscsi) .(.VMware, Inc. - VMware SCSI Controller Driver.) - LEGACY_VMSCSI

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Program Files\VIA\RAID\vialogsv.exe - VRAID Log Service (VRAID Log Service) .(.Pas de propriétaire - Pas de description.) - LEGACY_VRAID_LOG_SERVICE

O64 - Services: CurCS - C:\WINDOWS\System32\vssvc.exe - Cliché instantané de volume (VSS) .(.Microsoft Corporation - Service de cliché instantané de volumes Mic.) - LEGACY_VSS

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT

O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC

O64 - Services: CurCS - C:\WINDOWS\system32\SearchIndexer.exe - Windows Search (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\WudfPf.sys - Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Windows Driver Foundation - User-mode Driver Framework (WudfSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUDFSVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb

O66 - EventLog: ID=470 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <FirefoxLKL.exe> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- F:\LiberKey\Apps\Firefox\FirefoxLKL.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Live Search) - Bing

O69 - SBI: SearchScopes [HKCU] {37A2C59A-A45B-43B2-A179-83CBFD0D0B15} - (Google) - Google

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by Client at 2010-08-30 13:52:33

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys spwz.sys hal.dll >>UNKNOWN [0x82F8E938]<<

kernel: MBR read successfully

user & kernel MBR OK

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\System32\appmgmts.dll [176640]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]

O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77824]

O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464]

O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]

O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488]

O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040]

O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]

O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\System32\hidserv.dll [21504]

O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768]

O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096]

O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792]

O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]

O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]

O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248]

O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]

O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]

O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [249856]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]

O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\WINDOWS\System32\uxtuneup.dll [30016]

O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]

O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840]

O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\System32\advapi32.dll [685568]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]

O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]

O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]

O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136]

O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440]

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 2009-03-18 68096 | Adobe LM Service (Adobe LM Service) . (.Pas de propriétaire.) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

SR - | Auto 2009-07-13 108289 | Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 2009-08-18 185089 | Avira AntiVir Guard (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 2007-04-13 97432 | PIXMA Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe

SR - | Auto 2009-10-11 153376 | Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

SR - | Auto 2008-06-08 877864 | Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

SS - | Demand 2008-06-24 537896 | NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

SR - | Auto 2010-01-26 939272 | PDAgent (PDAgent) . (.Raxco Software, Inc..) - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe

SR - | Demand 2010-01-26 1033480 | PDEngine (PDEngine) . (.Raxco Software, Inc..) - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe

SR - | Auto 2006-12-19 81920 | PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe

SS - | Demand 2010-08-10 435008 | TuneUp Drive Defrag Service (TuneUp.Defrag) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

SR - | Auto 2010-07-06 1051968 | TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

SR - | Auto 2008-09-24 52888 | VRAID Log Service (VRAID Log Service) . (.Pas de propriétaire.) - C:\Program Files\VIA\RAID\vialogsv.exe

End of the scan (1099 lines in 02mn 09s)(0)

Encore une fois un gros merci!!!

Florinator · le 30 août 2010

Le rogue est repéré on va le manger :grrr:

1

Télécharge Rkill de Grinler,depuis l'un des liens ci-dessous:

Enregistre le fichier sur le bureau.
Désactive le module résident de l'antivirus et celui de l'antispyware.
Double-clique sur le fichier Rkill

Pour Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

=>Une fenêtre sur fond noir apparaitra puis disparaitra.

=>Poste moi le rapport qui s'affichera

2

Télécharge MBAM

Installe le
Lance l'outil
Coche "Executer un examen complet"
Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
Clique sur Supprimer la sélection
Pour poster le rapport clique sur l'onglet Rapports/Log et
Sélectionne celui t'intéresse et clique sur Ouvrir
Fait copier coller et poste le rapport stp

A++

migg · le 30 août 2010

Encore un gros merci...

j'ai fait le rkill (voir le rapport plus bas.)j'en suis maintenant a mbam

par contre est-ce normal que mes raccourci , mon bureau ainsi que la barre en bas soit disparu ?

Rapport RKILL

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as Client on 2010-08-30 at 15:42:50.

Processes terminated by Rkill or while it was running:

Rkill completed on 2010-08-30 at 15:42:53.

migg · le 30 août 2010

Et voici le mamb:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Version de la base de données: 4510

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

2010-08-30 17:03:29

mbam-log-2010-08-30 (17-03-29).txt

Type d'examen: Examen complet (C:\|G:\|)

Elément(s) analysé(s): 205802

Temps écoulé: 53 minute(s), 5 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 2

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 10

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mediafix70700en02.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

C:\Documents and Settings\Client\Application Data\7951D3054DEEB7640455FC70B85FFB7E\mediafix70700en02.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Local Settings\Temp\st_witty820_1930.exe (Adware.BHO) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Local Settings\Temporary Internet Files\Content.IE5\7GPVYWW5\mediafix70700en02[2].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Modèles\memory.tmp (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.

G:\Mes logiciels\TuneUp.Utilities.2010.v9.0.4100.22.French.Incl.Keymaker-CORE\Crack\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

G:\Mes logiciels\tuneup2009\TuneUp09\TuneUp09\TuneUp Utilities 2009 - 8.0.3100.31\TuneUp.Utilities.2009-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Menu Démarrer\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Menu Démarrer\Programmes\Démarrage\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.

C:\Documents and Settings\Client\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.

Florinator · le 31 août 2010

Bonjour Migg

par contre est-ce normal que mes raccourci , mon bureau ainsi que la barre en bas soit disparu ?

Ca a dû revenir sur le nouveau démarrage?

Télécharge ceci

Branche tout tes supports externes Disque dur/Clé USB etc (ne les ouvres pas!!)
Exécute le fichier
Poste moi le rapport stp

Laisse tes supports branchés ,tels qui le seront pour le scan, important pour la suite de la suppression

A++

migg · le 31 août 2010

Rebonjour Florinator

Malheureusement mon bureau n'est pas revenu

Par contre la vermine semble partie

voici donc le rapport pour mes support externes

(un dd externe, une clé usb et un lecteur mp3)

C: - Fixe - Fichier Autorun.inf absent !

D: - CD/DVD - Lecteur non prêt

E: - CD/DVD - Lecteur non prêt

F: - Amovible - Fichier Autorun.inf absent !

G: - Fixe - Fichier Autorun.inf absent !

En te remerciant encore

migg

Florinator · le 31 août 2010

Bonsoir

Il reste 2,3 choses à virer:

Copie ces lignes ci dessous:

O51 - MPSK:{c0891398-ee84-11de-a88c-00123f5f7d82}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\DPFMate.exe (.not file.)

O51 - MPSK:{d34a19ad-bdbc-11de-a873-00123f5f7d82}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- explorer.exe "https://www.ikeymedia.com/exterio/Ikm2160129.aspx?bbbb=1a71c193-1787-4cf0-a5ea-2bae00c1179e&dddd=ded7bf8a-9511-44c7-b842

Ouvre ZHPDiag, puis clique sur l'icône
Si l'icône n'apparait pas, relance un scan avec ZHPDiag, à la fin du scan elle apparaitra
Clique successivement sur l'icône ,pour effacer le rapport qui s'est affiché
Clique ensuite sur pour coller la sélection
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre
Clique sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.
Clique sur "Tous" puis sur "Nettoyer".
Si on te demande de redémarrer l'ordi pour achever le nettoyage, fais le immmédiatement.
Copie/colle le rapport dans ton prochain post.

Remarque:Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPFixReport.txt

Pour essayer de récupérer ton bureau essayes ceci:

- Fais CTRL+ALT+SUPP pour ouvrir le Gestionnaire de tâches.
- Clique en haut à gauche sur "Fichier"
- Choisi "Nouvelle tâche" (Exécuter ...)
- Tape "explorer" et valide.
- Cela fera apparaître ton Bureau.

A++

migg · le 31 août 2010

Bonsoir

voici mon resultat

Rapport de ZHPFix v1.12.3141 par Nicolas Coolman, Update du 27/08/2010

Fichier d'export Registre :

Run by Client at 2010-08-31 17:01:30

Web site : ZHPFix Fix de rapport

Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========

O51 - MPSK:{c0891398-ee84-11de-a88c-00123f5f7d82}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- H:\DPFMate.exe (.not file.) => Clé supprimée avec succès

O51 - MPSK:{d34a19ad-bdbc-11de-a873-00123f5f7d82}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- explorer.exe "https://www.ikeymedia.com/exterio/Ikm2160129.aspx?bbbb=1a71c193-1787-4cf0-a5ea-2bae00c1179e&dddd=ded7bf8a-9511-44c7-b842'>https://www.ikeymedia.com/exterio/Ikm2160129.aspx?bbbb=1a71c193-1787-4cf0-a5ea-2bae00c1179e&dddd=ded7bf8a-9511-44c7-b842 => Clé absente

========== Fichier(s) ==========

h:\dpfmate.exe => Fichier supprimé au reboot

explorer.exe "https://www.ikeymedia.com => Supprimé et mis en quarantaine

========== Récapitulatif ==========

2 : Clé(s) du Registre

2 : Fichier(s)

End of the scan

Pour ce qui est de mon bureau j'ai testé mais sans resultat

voici le message:

windows ne trouve pas 'explorer'. verifiez que vous avez entré le nom correctement

et essayez de nouveau...

est-ce une cause perdue???

migg

Connexion

Pas encore inscrit ?

antimalware doctor

Messages recommandés

migg

Florinator

migg

Florinator

migg

migg

Florinator

migg

Florinator

migg

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer