Infection Antimalware Doctor

[Sorsha]

Bonsoir !

 

Et bien voilà, j'ai eu la désagréable surprise de découvrir ce virus sur mon PC...Plus moyen d'accéder au poste de travail, ni au panneau de configuration, impossible de désinstaller le truc via CCleaner, Antivir qui s'affole, bref, l'horreur...

Quelqu'un pourrait-il m'aider s'il vous plaît ? Je viens de lancer Malwarebytes' ça pourrait-être utile ?

En tout cas, merci d'avance !

 

Voici le rapport HijackThis : (Je vois bien que y'a des lignes qui sont pas clean mais je fais rien sans un avis éclairé. Et en plus, comme chaque cas est particulier...)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:38:47, on 06/09/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18943)

Boot mode: Normal

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:39:54, on 06/09/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18943)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATK Hotkey\HControlUser.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\conime.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache-etu.univ-artois.fr:3128

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [mediafix70700en02.exe] C:\Users\Céd\AppData\Roaming\8B97A17DE631D8F1C9680EC6F4292F0F\mediafix70700en02.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: Antimalware Doctor.lnk = ?

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Service Google Update (gupdate1c9d2582b814eb1) (gupdate1c9d2582b814eb1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 7925 bytes

 

[Sorsha]

Rebonjour !

 

Voici le rapport MBAM, qui semble avoir bien travaillé, plus d'alertes Antivir. Cela étant, je ne peux toujours pas accéder à mon panneau de configuration et quand je clique sur l'onglet Ordinateur (suis sous Vista), c'est une fenêtre Gestion de l'ordinateur qui s'ouvre...

Merci d'avance !

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4557

 

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.18943

 

07/09/2010 10:52:43

mbam-log-2010-09-07 (10-52-43).txt

 

Type d'examen: Examen complet (C:\|E:\|)

Elément(s) analysé(s): 370213

Temps écoulé: 1 heure(s), 18 minute(s), 58 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 2

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 8

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Users\Cédrinette\AppData\Local\Temp\76A9.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\AppData\Local\Temp\7745.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\AppData\Local\Temp\7793.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\AppData\Local\Temp\sxcfgslr.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\AppData\Roaming\8B97A17DE631D8F1C9680EC6F4292F0F\mediafix70700en02.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

C:\Users\Cédrinette\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.

[Sorsha]

Et voici le rapport ZHPDiag :

 

Rapport de ZHPDiag v1.26.592 par Nicolas Coolman, Update du 06/09/2010

Run by Céd at 07/09/2010 12:37:22

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18943

MFIE: Mozilla Firefox (3.5.11)

 

---\\ System Information

Platform : Windows Vista Home Premium (6.0.6002) Service Pack 2

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3036 MB (49% free)

System drive C: has 37 GB (16%) free of 221 GB

 

---\\ Logged in mode

Computer Name: CÉD

User Name: Céd

All Users Names: Céd, Administrateur,

Unselected Option: O1,O45,O61,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 37 Go of 221 Go)

E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

 

 

---\\ Processus lancés

[MD5.A6001C8CF042D31AB1377CC7626A1046] - (.Pas de propriétaire - HControlUser.) -- C:\Program Files\ATK Hotkey\HControlUser.exe [98304]

[MD5.7126A2F48B7D961E4ADE3222E433EE21] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520]

[MD5.6C8512D51F06339B95C44DF047EB758E] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [145944]

[MD5.2E4944668FC75A677BE8945EEB332F26] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]

[MD5.E6CB83FF2C098C6FFCF2D43A4AAC9B54] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6139904]

[MD5.4CC7CECAC1B4EBB62BD50E1161B5162A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.FB080B91571E915D1FDF0D8CF6736FA2] - (.Avira GmbH - Antivirus Control Center.) -- C:\program files\avira\antivir desktop\avcenter.exe [470785]

[MD5.D5C0706ADD9AA212680410B1F58E3609] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]

[MD5.230EC324D37DFB594B8FF296D239423E] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [908248]

[MD5.415617780C17047D2E19B10699A0CE02] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [548352]

[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]

 

 

---\\ Page de démarrage de Mozilla Firefox (M0)

M0 - MFSP: prefs.js [Céd - ekkmh7or.default] Google

 

 

---\\ Programmes d'extension pour Mozilla Firefox (M2)

M2 - MFEP: prefs.js [Céd - ekkmh7or.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.1 (.Microsoft.)

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll

P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0009.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache-etu.univ-artois.fr:3128

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [HControlUser] . (.Pas de propriétaire - HControlUser.) -- C:\Program Files\ATK Hotkey\HcontrolUser.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Ajouter au fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir en Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la sélection en Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{7F470229-7BCA-4527-9133-81194089520E}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\..\{9ABD475D-54FF-4B6E-AC77-02FCFA2FE171}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{9BD192E7-911F-45CB-B46B-24328399D935}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{7F470229-7BCA-4527-9133-81194089520E}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{9ABD475D-54FF-4B6E-AC77-02FCFA2FE171}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{9BD192E7-911F-45CB-B46B-24328399D935}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{7F470229-7BCA-4527-9133-81194089520E}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{9ABD475D-54FF-4B6E-AC77-02FCFA2FE171}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{9BD192E7-911F-45CB-B46B-24328399D935}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} . (.Skyline software systems Inc. - TerraExplorerX DLL.) -- C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) . (.Pas de propriétaire - ASLDR Service.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Service Google Update (gupdate1c9d2582b814eb1) (gupdate1c9d2582b814eb1) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Extension de garantie-Céd.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Uniblue SpeedUpMyPC Nag.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Uniblue SpeedUpMyPC.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{8AA6CB35-67D7-45A2-B1F4-C87EC19E4522} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Adobe Shockwave Director 10.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Macromed\Director\SwDir.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r22.) -- C:\Windows\system32\Macromed\Flash\Flash10b.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 7-Zip 4.62 - (.Pas de propriétaire.) [HKLM] -- 7-Zip

O42 - Logiciel: AHV content for Acrobat and Flash - (.Adobe Systems Incorporated.) [HKLM] -- {6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}

O42 - Logiciel: ATK Hotkey - (.ATK.) [HKLM] -- {3912D529-02BC-4CA8-B5ED-0D0C20EB6003}

O42 - Logiciel: ATK Hotkey V1.00.0034 - (.Pas de propriétaire.) [HKLM] -- ATKHotkey

O42 - Logiciel: Adobe After Effects CS3 Presets - (.Adobe Systems Incorporated.) [HKLM] -- {193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}

O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}

O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}

O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}

O42 - Logiciel: Adobe BridgeTalk Plugin CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}

O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM] -- {A2D81E70-2A98-4A08-A628-94388B063C5E}

O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

O42 - Logiciel: Adobe Color EU Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {73B5D990-04EA-4751-B10F-5534770B91F2}

O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

O42 - Logiciel: Adobe Color NA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}

O42 - Logiciel: Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {5D2398DF-3022-4820-93BA-F1175FBEA9CA}

O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

O42 - Logiciel: Adobe Dreamweaver CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {4BDB76C6-902E-41D5-9064-68768E02886B}

O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

O42 - Logiciel: Adobe Extension Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {BE5F3842-8309-4754-92D5-83E02E6077A3}

O42 - Logiciel: Adobe Flash CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {80FD3971-8482-49C8-BA8C-B6464A15882F}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}

O42 - Logiciel: Adobe Flash Video Encoder - (.Adobe Systems Incorporated.) [HKLM] -- {1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}

O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}

O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7ACFB90E-8FD0-4397-AD3A-5195412623A3}

O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6E08CE13-C2AB-4749-9335-5900B958929E}

O42 - Logiciel: Adobe InDesign CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}

O42 - Logiciel: Adobe InDesign CS3 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {EA7B3CC4-366D-4CF6-8350-FD7A7034116E}

O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078}

O42 - Logiciel: Adobe MotionPicture Color Files - (.Adobe Systems Incorporated.) [HKLM] -- {6B708481-748A-4EB4-97C1-CD386244FF77}

O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {C1FA4B3B-1625-4922-9C9D-780E8FCE161A}

O42 - Logiciel: Adobe Reader 9.3.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}

O42 - Logiciel: Adobe SING CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B671CBFD-4109-4D35-9252-3062D3CCB7B2}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {1628F6BD-5ED1-4FD1-B90F-C106AF4E00F0}

O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183}

O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}

O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}

O42 - Logiciel: Adobe Video Profiles - (.Adobe Systems Incorporated.) [HKLM] -- {845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}

O42 - Logiciel: Adobe WAS CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {C5BD220A-EFE8-48A5-B70E-9503D535FACE}

O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0224CACC-994D-45F8-B973-D65056EA9C2F}

O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1}

O42 - Logiciel: Ajouter ou supprimer Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_b5d5789539ea1f004a4defceea74312

O42 - Logiciel: Ant Renamer - (.Ant Software.) [HKLM] -- Ant Renamer 2_is1

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: Dragon Age: Origins - (.Electronic Arts, Inc..) [HKLM] -- {AEC81925-9C76-4707-84A9-40696C613ED3}

O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM] -- Foxit Reader

O42 - Logiciel: Free Mp3 Wma Converter V 1.8.0 - (.Pas de propriétaire.) [HKLM] -- Free Mp3 Wma Converter_is1

O42 - Logiciel: Free iPod Video Converter 1.34 - (.Jodix Technologies Ltd..) [HKLM] -- Free iPod Video Converter_is1

O42 - Logiciel: Gardenscapes - (.Pas de propriétaire.) [HKLM] -- BFG-Gardenscapes

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {F7B0939E-58DF-11DF-B3A6-005056806466}

O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: IKEA Home Planner - (.IKEA IT.) [HKLM] -- {B3276CB1-20B6-4AF9-AAEC-E72C83816495}

O42 - Logiciel: Infocentre Rev. 2.0.0.1 - (.Pas de propriétaire.) [HKLM] -- Infocentre

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst

O42 - Logiciel: Intel Wireless WiFi Link Adapters Ver12.0.0.82 - (.Pas de propriétaire.) [HKLM] -- WLAN

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI

O42 - Logiciel: Java 6 Update 12 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216012FF}

O42 - Logiciel: Les Sims™ 3 - (.Electronic Arts.) [HKLM] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8}

O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27}

O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {F97E3841-CA9D-4964-9D64-26066241D26F}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {8FB1B528-E260-451E-9B55-E9152F94B80B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Mozilla Firefox (3.5.11) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.11)

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {1C4551A6-4743-4093-91E4-1477CD655043}

O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {980B9958-1239-4FC5-8C88-AC5650321036}

O42 - Logiciel: Nero 8 Essentials - (.Pas de propriétaire.) [HKLM] -- Nero8

O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {C50EF365-2898-489A-B6C7-30DAA466E9A2}

O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite

O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- {19DC9559-9C20-4A46-A67D-7ECBA52A2788}

O42 - Logiciel: Nokia Software Updater - (.Nokia Corporation.) [HKLM] -- {4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}

O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}

O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (05/22/2008 3. - (.Nokia.) [HKLM] -- C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (05/22/2008 7.00.0.1) - (.Nokia.) [HKLM] -- 9CD348AE9C64C4B939B624E8E24F3903EFDFC82B

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.4) - (.Nokia.) [HKLM] -- 8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (10/05/2009 4.2) - (.Nokia.) [HKLM] -- 05B59228C7E1C21DFBE89260F879BD95880548D8

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693

O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- ImageWriter

O42 - Logiciel: Packard Bell LCD Test - (.Pas de propriétaire.) [HKLM] -- LCDTest

O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- Updator

O42 - Logiciel: Photorécit 3 pour Windows - (.Microsoft Corporation.) [HKLM] -- {4F41AD68-89F2-4262-A32C-2F70B01FCE9E}

O42 - Logiciel: Poladroid - (.Poladroid.net.) [HKLM] -- {E8FF78D0-4D1C-4B2D-AC80-670F135F5461}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}

O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek High Definition Audio Driver V6.0.1.5618 - (.Pas de propriétaire.) [HKLM] -- AUDIO

O42 - Logiciel: Realtek RTL8101E Family PCI-E Fast Ethernet NIC V6.206.0502.2008 - (.Pas de propriétaire.) [HKLM] -- LAN

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}

O42 - Logiciel: RegSupreme - (.Macecraft Software.) [HKLM] -- RegSupreme_is1

O42 - Logiciel: SeaTools for Windows - (.Seagate Technology.) [HKLM] -- {98613C99-1399-416C-A07C-1EE1C585D872}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2277947) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5857EE21-03D0-482E-9620-5A30B314A2AE}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E8766951-2B6C-4022-86E8-80D2D1762B76}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB980376) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{48113C06-9BA2-4D54-A731-D1D2C5B3144A}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2251419) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7E9103DA-253F-41FF-9E83-7C83806C77DA}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: SetUp My PC - (.Pas de propriétaire.) [HKLM] -- SETUPMYPC_FR

O42 - Logiciel: Skype 3.6.2.248 - (.Pas de propriétaire.) [HKLM] -- SKYPE

O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: Spotify - (.Pas de propriétaire.) [HKLM] -- Spotify

O42 - Logiciel: Submission Wizard V7.3 - (.Pas de propriétaire.) [HKLM] -- Submission Wizard V7.3

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Synaptics Pointing Device driver V11.1.22.0 - (.Pas de propriétaire.) [HKLM] -- Touchpad

O42 - Logiciel: TerraExplorer - (.Skyline Software Systems, Inc..) [HKLM] -- TerraExplorer

O42 - Logiciel: USB 2.0 1.3M UVC WebCam - (.Pas de propriétaire.) [HKLM] -- USB 2.0 1.3M UVC WebCam

O42 - Logiciel: USB 2.0 VGA UVC WebCam driver V61.005.028.260 - (.Pas de propriétaire.) [HKLM] -- CAMERA

O42 - Logiciel: USB Mass Storage Driver V6.0.6000.20062 - (.Pas de propriétaire.) [HKLM] -- CardReader

O42 - Logiciel: Unlocker 1.8.7 - (.Cedrick Collomb.) [HKLM] -- Unlocker

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2279264) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}

O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}

O42 - Logiciel: VDownloader 1.12 - (.Enrique Puertas.) [HKLM] -- {CA567AD5-33A4-403D-86D1-EE2D38251951}_is1

O42 - Logiciel: VLC media player 0.9.9 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Video mp3 Extractor - (.GeoVid.) [HKLM] -- Video mp3 Extractor_is1

O42 - Logiciel: Video to Flash Converter - (.GeoVid.) [HKLM] -- Video to Flash Converter_is1

O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {03D1988F-469F-4843-8E6E-E5FE9D17889D}

O42 - Logiciel: WIDCOMM Bluetooth Software pack V5.2.0.500 - (.Pas de propriétaire.) [HKLM] -- Bluetooth

O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {ED00D08A-3C5F-488D-93A0-A04F21F23956}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKCU] -- uTorrent

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\3rd Eye Solutions]

[HKCU\Software\7-Zip]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\Apex Pacific]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Audacity]

[HKCU\Software\Avira]

[HKCU\Software\BVRP Software]

[HKCU\Software\Big Fish Games]

[HKCU\Software\BitTorrent]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\DT Soft]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\Elecard]

[HKCU\Software\Electronic Arts]

[HKCU\Software\Exploit Information Technology Limited]

[HKCU\Software\Foxit Software]

[HKCU\Software\Geovid]

[HKCU\Software\Google]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nokia]

[HKCU\Software\ODBC]

[HKCU\Software\PDFCreator]

[HKCU\Software\Packard Bell]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\SecuROM]

[HKCU\Software\Skyline]

[HKCU\Software\Skype]

[HKCU\Software\Spamihilator]

[HKCU\Software\Spointer]

[HKCU\Software\Spotify]

[HKCU\Software\Synaptics]

[HKCU\Software\TS3 Install Helper]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Widcomm]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Xobni]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\keyhole.com]

[HKCU\Software\stevengould.org]

[HKLM\Software\13fe]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ATK]

[HKLM\Software\AVConverter]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\AsLdr]

[HKLM\Software\Audible]

[HKLM\Software\Avira]

[HKLM\Software\Big Fish Games]

[HKLM\Software\BioWare]

[HKLM\Software\Boonty]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CODEMASTERS]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CompanyA]

[HKLM\Software\CrazyLoader]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\DT Soft]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\EasyBits]

[HKLM\Software\Electronic Arts]

[HKLM\Software\FileZilla 3]

[HKLM\Software\FileZilla Client]

[HKLM\Software\Foxit Software]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\Jodix]

[HKLM\Software\Licenses]

[HKLM\Software\MAXSOFT-OCRON]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NeroDigital]

[HKLM\Software\Nero]

[HKLM\Software\Nokia Mobile Phones]

[HKLM\Software\Nokia]

[HKLM\Software\ODBC]

[HKLM\Software\OMSI]

[HKLM\Software\OemSetup]

[HKLM\Software\PACKARD BELL]

[HKLM\Software\PB_EBAY]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PCSuite]

[HKLM\Software\Piriform]

[HKLM\Software\PocketSoft]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Reallusion]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek USB 2.0 Card Reader]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SONIX]

[HKLM\Software\SRS Labs]

[HKLM\Software\Sims]

[HKLM\Software\Skyline]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\Team17]

[HKLM\Software\TrendMicro]

[HKLM\Software\Uniblue]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Waves Audio]

[HKLM\Software\Widcomm]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\ffffffff]

[HKLM\Software\mozilla.org]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\7-Zip

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Ant Renamer

O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- C:\Program Files\ATK Hotkey

O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour

O43 - CFD:Common File Directory ----D- C:\Program Files\BoontyGames

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Cisco

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\Convertisseur Sons

O43 - CFD:Common File Directory ----D- C:\Program Files\CrazyLoader

O43 - CFD:Common File Directory ----D- C:\Program Files\DAEMON Tools Lite

O43 - CFD:Common File Directory ----D- C:\Program Files\Defraggler

O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX

O43 - CFD:Common File Directory ----D- C:\Program Files\DivX

O43 - CFD:Common File Directory ----D- C:\Program Files\Dragon Age

O43 - CFD:Common File Directory ----D- C:\Program Files\Dynamic Submission V7

O43 - CFD:Common File Directory ----D- C:\Program Files\Electronic Arts

O43 - CFD:Common File Directory ----D- C:\Program Files\Exploit

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client

O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software

O43 - CFD:Common File Directory ----D- C:\Program Files\Free iPod Video Converter

O43 - CFD:Common File Directory ----D- C:\Program Files\Gardenscapes

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\HDReg

O43 - CFD:Common File Directory ----D- C:\Program Files\HijackThis

O43 - CFD:Common File Directory ----D- C:\Program Files\IKEA HomePlanner

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\iPod

O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\MaCuisineLapeyreAuthentique

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games for Windows - LIVE

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft WSE

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MP3 Converter

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSECACHE

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\NeroInstall.bak

O43 - CFD:Common File Directory ----D- C:\Program Files\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\Packard Bell

O43 - CFD:Common File Directory ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator

O43 - CFD:Common File Directory ----D- C:\Program Files\Photorécit

O43 - CFD:Common File Directory ----D- C:\Program Files\Poladroid

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- C:\Program Files\Real

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Red Light

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\RegSupreme

O43 - CFD:Common File Directory ----D- C:\Program Files\Seagate

O43 - CFD:Common File Directory ----D- C:\Program Files\Skyline

O43 - CFD:Common File Directory R---D- C:\Program Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Spamihilator

O43 - CFD:Common File Directory ----D- C:\Program Files\Spotify

O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics

O43 - CFD:Common File Directory ----D- C:\Program Files\Trine

O43 - CFD:Common File Directory ----D- C:\Program Files\TS3 Install Helper Monkey

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker

O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent

O43 - CFD:Common File Directory ----D- C:\Program Files\VDOWNLOADER

O43 - CFD:Common File Directory ----D- C:\Program Files\Video mp3 Extractor

O43 - CFD:Common File Directory ----D- C:\Program Files\Video to Flash Converter

O43 - CFD:Common File Directory ----D- C:\Program Files\VLC

O43 - CFD:Common File Directory ----D- C:\Program Files\Western Digital

O43 - CFD:Common File Directory ----D- C:\Program Files\WIDCOMM

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Installer Clean Up

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\Worms

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BioWare

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BOONTY Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Control Panels

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PCSuite

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD:Common File Directory ----D- C:\ProgramData\Acer

O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe

O43 - CFD:Common File Directory ----D- C:\ProgramData\ALM

O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple

O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data

O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira

O43 - CFD:Common File Directory ----D- C:\ProgramData\BioWare

O43 - CFD:Common File Directory ----D- C:\ProgramData\BOONTY

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau

O43 - CFD:Common File Directory --H-D- C:\ProgramData\CanonBJ

O43 - CFD:Common File Directory ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop

O43 - CFD:Common File Directory ----D- C:\ProgramData\Digsby

O43 - CFD:Common File Directory ----D- C:\ProgramData\DivX

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents

O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites

O43 - CFD:Common File Directory ----D- C:\ProgramData\FLEXnet

O43 - CFD:Common File Directory ----D- C:\ProgramData\Google

O43 - CFD:Common File Directory ----D- C:\ProgramData\Google Updater

O43 - CFD:Common File Directory ----D- C:\ProgramData\Installations

O43 - CFD:Common File Directory ----D- C:\ProgramData\InstallShield

O43 - CFD:Common File Directory ----D- C:\ProgramData\Intel

O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes

O43 - CFD:Common File Directory ----D- C:\ProgramData\Media Center Programs

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft

O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles

O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero

O43 - CFD:Common File Directory ----D- C:\ProgramData\Nokia

O43 - CFD:Common File Directory ----D- C:\ProgramData\Office Genuine Advantage

O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Suite

O43 - CFD:Common File Directory ----D- C:\ProgramData\Playrix Entertainment

O43 - CFD:Common File Directory ----D- C:\ProgramData\Roaming

O43 - CFD:Common File Directory ----D- C:\ProgramData\Skyline

O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu

O43 - CFD:Common File Directory ----D- C:\ProgramData\Symantec

O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP

O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates

O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch

O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BioWare

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BOONTY Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Control Panels

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PCSuite

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.00000000000000000000000000000000] - 07/09/2010 - 11:07:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1191194]

O44 - LFC:[MD5.AD34CB52185B058BC10F61D5EA6A685B] - 07/09/2010 - 09:53:33 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.3C1AAF3CCA1B7B10253C9F561CF3273B] - 07/09/2010 - 09:52:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [158050]

O44 - LFC:[MD5.EE3FD74C63DD645390E9354226D3D79F] - 07/09/2010 - 07:18:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [854]

O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 06/09/2010 - 11:06:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini [69]

O44 - LFC:[MD5.A914FEDF0F0F704B600651ED9589FC5F] - 04/09/2010 - 20:23:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1478524]

O44 - LFC:[MD5.76A9628FD315D836638030DE3C39133C] - 04/09/2010 - 20:23:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [102094]

O44 - LFC:[MD5.72B610269B7E84F66EA5BED363A8C940] - 04/09/2010 - 20:23:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [124434]

O44 - LFC:[MD5.C53CDA5B73682FB5557098AACBC2B198] - 04/09/2010 - 20:23:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [590082]

O44 - LFC:[MD5.CB2AD6F21DA2ADB3A3426CFE806F797C] - 04/09/2010 - 20:23:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [672322]

O44 - LFC:[MD5.A38C6D2AC272E699E82384479C77B3FE] - 18/08/2010 - 10:06:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Sphinx.ini [4607]

O44 - LFC:[MD5.248DFA5762DDE38DFDDBBD44149E9D7A] - 13/08/2010 - 22:51:22 R--A- . (.Avanquest Software - BVRP NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\System32\drivers\BVRPMPR5.SYS [49904]

O44 - LFC:[MD5.682A2EDF98FFC772689279A86458B96B] - 12/08/2010 - 20:43:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [1736184]

O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 11/08/2010 - 19:29:00 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [81920]

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{223cc1c1-ebf0-11dd-b3aa-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\LaunchU3.exe (.not file.)

O51 - MPSK:{2b94b77a-edfa-11dd-8e2a-00215d36e526}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\sphg\SuiteportableHG.exe (.not file.)

O51 - MPSK:{9b9d4fac-e7bc-11dd-88bc-00215d36e526}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- fk.exe (.not file.)

O51 - MPSK:{a26ae22a-ee26-11dd-9391-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\ (.not file.)

O51 - MPSK:{daacdfbb-84ea-11df-b1cc-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe -a (.not file.)

O51 - MPSK:{ee3ab1aa-0b48-11de-8f07-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- WDSetup.exe (.not file.)

O51 - MPSK:{fd0f2590-d266-11dd-bfb6-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- D:\LaunchU3.exe -a (.not file.)

O51 - MPSK:{fd0f2599-d266-11dd-bfb6-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- D:\LaunchU3.exe (.not file.)

O51 - MPSK:{fd0f25ab-d266-11dd-bfb6-0023543676e2}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- wd_windows_tools\setup.exe (.not file.)

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll

O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 8.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O53 - SMSR:HKLM\...\startupreg\mediafix70700en02.exe [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Users\Céd\AppData\Roaming\8B97A17DE631D8F1C9680EC6F4292F0F\mediafix70700en02.exe

O53 - SMSR:HKLM\...\startupreg\Nokia.PCSync [Key] . (.Nokia - PC Sync.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe

O53 - SMSR:HKLM\...\startupreg\PC Suite Tray [Key] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\SmpcSys [Key] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O53 - SMSR:HKLM\...\startupreg\toolbar_eula_launcher [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Unlocker\UnlockerAssistant.exe

O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.97AFFA9D95FFE20EEE6229BC6BE166CF] - 14/12/2006 - 08:11:58 ---A- . (.ATK0100 - ATK0100 ACPI Utility.) -- C:\Windows\system32\drivers\ATKACPI.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 15:32:28 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.F2F7342742180D5060285499DEE50F99] - 17/03/2008 - 01:42:22 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys

O58 - SDL:[MD5.32F59F26A30CFC508DA11DB3EA0F8B77] - 17/03/2008 - 01:42:20 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys

O58 - SDL:[MD5.ECB98391C756A7B9CFBAE89D9D1235E1] - 29/01/2008 - 03:46:58 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys

O58 - SDL:[MD5.03658734EF7D0F3B3F4636D3E8A38964] - 17/03/2008 - 01:42:16 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys

O58 - SDL:[MD5.248DFA5762DDE38DFDDBBD44149E9D7A] - 12/06/2009 - 00:34:34 R--A- . (.Avanquest Software - BVRP NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\BVRPMPR5.SYS

O58 - SDL:[MD5.357DDB51E03CAE598C096D95497373D0] - 06/10/2009 - 11:52:34 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\ccdcmb.sys

O58 - SDL:[MD5.7CD443F9D36C80E152FADB274089577A] - 06/10/2009 - 11:52:34 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\ccdcmbo.sys

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.A0A4099F99DC352B64C87684E49CE927] - 27/08/2007 - 14:12:06 ---A- . (.FreeBox SA - Carte réseau virtuelle FreeBox USB.) -- C:\Windows\system32\drivers\fbxusb32.sys

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.80C633722DA72E97F3F5B3B11325696D] - 07/05/2008 - 10:40:02 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.F1F52F4B4DD7CB8B47570690363F1B28] - 07/07/2008 - 04:15:24 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.E559EA9138C77B5D1FDA8C558764A25F] - 28/04/2008 - 06:29:26 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.02120406F27F5895DFCE4C640E6EE237] - 06/10/2009 - 11:56:34 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\nmwcdnsu.sys

O58 - SDL:[MD5.9C5DE8B7CF5680307BBDF512C9258ECC] - 06/10/2009 - 11:56:32 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\Windows\system32\drivers\nmwcdnsuc.sys

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 26/08/2008 - 09:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfd.sys

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.219CA9A36D6DE2EC04F958C907673436] - 07/05/2008 - 12:22:50 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys

O58 - SDL:[MD5.2FC33077F85D7DC0D03678C06D43898C] - 02/05/2008 - 06:59:40 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys

O58 - SDL:[MD5.0D1C1B0DE2819FE1EA25098183130B64] - 03/01/2008 - 19:35:16 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.0057F29323C393A35903B4C5DAF9A144] - 09/05/2007 - 08:16:40 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys

O58 - SDL:[MD5.0302BC619D4A723317E7F8EB0C362BD3] - 01/10/2007 - 07:59:46 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys

O58 - SDL:[MD5.00000000000000000000000000000000] - 26/12/2008 - 02:50:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 14/07/2009 - 08:35:59 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.8CC32B5C9A89CAEA4EFB68B2606E15E5] - 10/07/2008 - 10:52:30 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.1DF89C499BF45D878B87EBD4421D462D] - 28/08/2009 - 18:42:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys

O58 - SDL:[MD5.15629E4D65F97AB5432D6D9597CF6A33] - 06/10/2009 - 11:52:34 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\usbser_lowerflt.sys

O58 - SDL:[MD5.5C17E6A11AA8BE53F79FD364BA19F0CE] - 06/10/2009 - 11:52:50 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\usbser_lowerfltj.sys

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

O63 - Logiciel: RSIT - (.random/random.)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\system32\drivers\BVRPMPR5.sys - BVRPMPR5 NDIS Protocol Driver (BVRPMPR5) .(.Avanquest Software - BVRP NDIS 5.0 MPR Protocol Driver.) - LEGACY_BVRPMPR5

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_CO_MON

O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Users\CDRINE~1\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - ISA/EISA Class Driver (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\nwifi.sys - Filtre NativeWiFi (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB

O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS3.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Search Google) - Google

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Live Search) - Bing

 

 

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by Céd at 07/09/2010 12:39:23

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iastor.sys spmz.sys >>UNKNOWN [0x8569A938]<<

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Internet Feature Controls (IFC) (O81)

O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe

O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [122880]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 14/07/2009 108289 | Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 18/08/2009 185089 | Avira AntiVir Guard (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 09/07/2009 144712 | Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

SR - | Auto 02/10/2007 94208 | ASLDR Service (ASLDRService) . (.Pas de propriétaire.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

SS - | Disabled 12/12/2008 238888 | Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Disabled 12/12/2008 0 | Boonty Games (Boonty Games) . (.Pas de propriétaire.) - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

SR - | Auto 10/04/2008 518696 | Bluetooth Service (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

SS - | Demand 15/12/2009 25832 | Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) . (.BioWare.) - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

SR - | Auto 10/07/2008 819200 | Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

SS - | Demand 19/09/2008 647680 | FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Auto 11/05/2009 133104 | Service Google Update (gupdate1c9d2582b814eb1) (gupdate1c9d2582b814eb1) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Auto 11/05/2009 183280 | Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 12/11/2009 545568 | Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Disabled 03/12/2007 869672 | Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

SS - | Demand 14/01/2008 447784 | NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

SR - | Auto 19/12/2006 81920 | PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe

SR - | Auto 10/07/2008 466944 | Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel® Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

SS - | Demand 27/10/2009 657408 | ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

 

 

End of the scan (1163 lines in 02mn 02s)(0)

[pear]

Bonjour,

 

Téléchargez les logiciels suivants pour les lancer l'un après l'autre.

Si l'infection en bloque l'installation,utilisez une clé usb, sur un pc sain.Lancez les à partir de cette clé Usb

Vous en posterez tous les rapports ensuite, à la fin des 3 procédures

Télécharger TDSSKILLER

- Télécharger le .zip sur le Bureau.

- Extraire son contenu (clic droit >> "Extraire tout...") et valider ;

- Un dossier tdsskiller sera créé sur le Bureau.

Cliquer surStart scan pour lancer l'analyse.

Lorsque l'outil a terminé son travail d'inspection,

 

si des nuisibles ("Malicious objects") ont été trouvés,

 

vérifier que l'option est sélectionnée,

 

puis cliquer sur le bouton ,

 

puis sur le bouton

 

Envoyer en réponse:

*- le rapport de TDSSKiller (contenu du fichier SystemDrive\TDSSKiller.Version_Date_Heure_log.txt)

[systemDrive représente la partition sur laquelle est installé le système, généralement C:]

 

Télécharger Rkill de Grinler sur le bureau,

double clic pour le lancer.

Sous Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur"

Une fenêtre (très rapide) indiquera que tout s'est bien déroulé.

Pour Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

il y aura 'un rapport là: %SystemDrive%\rkill.log

donnant la liste de tous les processus arrêtés.

 

Désinstallez Mbam, s'il est installé

Téléchargez MBAM

 

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Vous devez désactiver vos protections et ne savez pas comment faire ->Sur PCA,En Français

* Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

* Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation à MBAM de se connecter, acceptez.

* Une fois la mise à jour terminée, allez dans l'onglet Recherche.

* Sélectionnez "Exécuter un examen complet"

* Cliquez sur "Rechercher"

* .L' analyse prendra un certain temps, soyez patient !

* A la fin , un message affichera :

L'examen s'est terminé normalement.

 

*Si MBAM n'a rien trouvé, il le dira aussi.

Cliquez sur "Ok" pour poursuivre.

*Fermez les navigateurs.

Cliquez sur Afficher les résultats .

 

*Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

* Copiez-collez ce rapport dans la prochaine réponse.

[Sorsha]

Bonjour et merci de m'aider !!!

 

Voici le rapport TDSSKiller :

 

2010/09/07 14:28:02.0430 TDSS rootkit removing tool 2.4.2.0 Sep 3 2010 10:26:06

2010/09/07 14:28:02.0430 ================================================================================

2010/09/07 14:28:02.0430 SystemInfo:

2010/09/07 14:28:02.0430

2010/09/07 14:28:02.0430 OS Version: 6.0.6002 ServicePack: 2.0

2010/09/07 14:28:02.0430 Product type: Workstation

2010/09/07 14:28:02.0430 ComputerName: CÉDRINETTE

2010/09/07 14:28:02.0431 UserName: Cédrinette

2010/09/07 14:28:02.0431 Windows directory: C:\Windows

2010/09/07 14:28:02.0431 System windows directory: C:\Windows

2010/09/07 14:28:02.0431 Processor architecture: Intel x86

2010/09/07 14:28:02.0431 Number of processors: 2

2010/09/07 14:28:02.0431 Page size: 0x1000

2010/09/07 14:28:02.0431 Boot type: Normal boot

2010/09/07 14:28:02.0431 ================================================================================

2010/09/07 14:28:08.0660 Initialize success

2010/09/07 14:28:13.0721 ================================================================================

2010/09/07 14:28:13.0721 Scan started

2010/09/07 14:28:13.0721 Mode: Manual;

2010/09/07 14:28:13.0721 ================================================================================

2010/09/07 14:28:14.0344 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

2010/09/07 14:28:14.0413 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

2010/09/07 14:28:14.0473 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

2010/09/07 14:28:14.0526 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

2010/09/07 14:28:14.0592 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

2010/09/07 14:28:14.0683 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

2010/09/07 14:28:14.0723 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

2010/09/07 14:28:14.0791 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2010/09/07 14:28:14.0874 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

2010/09/07 14:28:14.0925 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

2010/09/07 14:28:14.0971 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

2010/09/07 14:28:15.0001 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

2010/09/07 14:28:15.0032 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

2010/09/07 14:28:15.0101 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

2010/09/07 14:28:15.0156 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

2010/09/07 14:28:15.0218 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2010/09/07 14:28:15.0245 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

2010/09/07 14:28:15.0323 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys

2010/09/07 14:28:15.0356 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys

2010/09/07 14:28:15.0393 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\Windows\system32\DRIVERS\avipbb.sys

2010/09/07 14:28:15.0451 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2010/09/07 14:28:15.0511 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

2010/09/07 14:28:15.0602 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2010/09/07 14:28:15.0650 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2010/09/07 14:28:15.0703 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2010/09/07 14:28:15.0749 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2010/09/07 14:28:15.0805 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2010/09/07 14:28:15.0854 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2010/09/07 14:28:15.0902 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2010/09/07 14:28:15.0980 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

2010/09/07 14:28:16.0039 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys

2010/09/07 14:28:16.0104 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

2010/09/07 14:28:16.0177 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys

2010/09/07 14:28:16.0265 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys

2010/09/07 14:28:16.0331 btwaudio (f2f7342742180d5060285499dee50f99) C:\Windows\system32\drivers\btwaudio.sys

2010/09/07 14:28:16.0378 btwavdt (32f59f26a30cfc508da11db3ea0f8b77) C:\Windows\system32\drivers\btwavdt.sys

2010/09/07 14:28:16.0439 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys

2010/09/07 14:28:16.0492 btwrchid (03658734ef7d0f3b3f4636d3e8a38964) C:\Windows\system32\DRIVERS\btwrchid.sys

2010/09/07 14:28:16.0592 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS

2010/09/07 14:28:16.0647 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2010/09/07 14:28:16.0696 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

2010/09/07 14:28:16.0770 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

2010/09/07 14:28:16.0836 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

2010/09/07 14:28:16.0892 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

2010/09/07 14:28:16.0937 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

2010/09/07 14:28:16.0990 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

2010/09/07 14:28:17.0025 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

2010/09/07 14:28:17.0081 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

2010/09/07 14:28:17.0182 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

2010/09/07 14:28:17.0247 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

2010/09/07 14:28:17.0318 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2010/09/07 14:28:17.0390 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

2010/09/07 14:28:17.0478 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

2010/09/07 14:28:17.0549 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

2010/09/07 14:28:17.0632 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

2010/09/07 14:28:17.0689 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

2010/09/07 14:28:17.0789 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

2010/09/07 14:28:17.0841 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

2010/09/07 14:28:17.0886 fbxusb (a0a4099f99dc352b64c87684e49ce927) C:\Windows\system32\DRIVERS\fbxusb32.sys

2010/09/07 14:28:17.0979 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

2010/09/07 14:28:18.0016 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2010/09/07 14:28:18.0068 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2010/09/07 14:28:18.0111 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

2010/09/07 14:28:18.0170 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

2010/09/07 14:28:18.0233 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2010/09/07 14:28:18.0276 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

2010/09/07 14:28:18.0325 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2010/09/07 14:28:18.0392 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

2010/09/07 14:28:18.0453 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

2010/09/07 14:28:18.0499 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2010/09/07 14:28:18.0533 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2010/09/07 14:28:18.0614 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

2010/09/07 14:28:18.0662 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

2010/09/07 14:28:18.0733 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

2010/09/07 14:28:18.0761 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

2010/09/07 14:28:18.0786 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2010/09/07 14:28:18.0861 iaStor (80c633722da72e97f3f5b3b11325696d) C:\Windows\system32\drivers\iastor.sys

2010/09/07 14:28:18.0897 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

2010/09/07 14:28:19.0017 igfx (f1f52f4b4dd7cb8b47570690363f1b28) C:\Windows\system32\DRIVERS\igdkmd32.sys

2010/09/07 14:28:19.0115 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2010/09/07 14:28:19.0234 IntcAzAudAddService (219ca9a36d6de2ec04f958c907673436) C:\Windows\system32\drivers\RTKVHDA.sys

2010/09/07 14:28:19.0319 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

2010/09/07 14:28:19.0367 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2010/09/07 14:28:19.0415 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2010/09/07 14:28:19.0489 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

2010/09/07 14:28:19.0518 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2010/09/07 14:28:19.0601 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2010/09/07 14:28:19.0636 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

2010/09/07 14:28:19.0690 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

2010/09/07 14:28:19.0825 ISWKL (f2ad07d41e00d333187542a1b1d31d78) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys

2010/09/07 14:28:19.0874 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2010/09/07 14:28:19.0907 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2010/09/07 14:28:19.0947 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2010/09/07 14:28:19.0980 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys

2010/09/07 14:28:20.0046 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

2010/09/07 14:28:20.0107 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2010/09/07 14:28:20.0170 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

2010/09/07 14:28:20.0204 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

2010/09/07 14:28:20.0239 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

2010/09/07 14:28:20.0280 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2010/09/07 14:28:20.0329 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

2010/09/07 14:28:20.0390 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

2010/09/07 14:28:20.0470 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2010/09/07 14:28:20.0513 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2010/09/07 14:28:20.0557 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2010/09/07 14:28:20.0590 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2010/09/07 14:28:20.0620 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2010/09/07 14:28:20.0655 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

2010/09/07 14:28:20.0724 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2010/09/07 14:28:20.0808 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2010/09/07 14:28:20.0889 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

2010/09/07 14:28:20.0960 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

2010/09/07 14:28:20.0992 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2010/09/07 14:28:21.0017 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2010/09/07 14:28:21.0064 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

2010/09/07 14:28:21.0106 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

2010/09/07 14:28:21.0161 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2010/09/07 14:28:21.0185 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2010/09/07 14:28:21.0241 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2010/09/07 14:28:21.0325 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2010/09/07 14:28:21.0343 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2010/09/07 14:28:21.0393 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

2010/09/07 14:28:21.0441 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2010/09/07 14:28:21.0499 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2010/09/07 14:28:21.0632 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys

2010/09/07 14:28:21.0753 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

2010/09/07 14:28:21.0817 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

2010/09/07 14:28:21.0884 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

2010/09/07 14:28:21.0963 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2010/09/07 14:28:22.0001 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2010/09/07 14:28:22.0021 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

2010/09/07 14:28:22.0060 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2010/09/07 14:28:22.0095 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2010/09/07 14:28:22.0152 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

2010/09/07 14:28:22.0335 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys

2010/09/07 14:28:22.0487 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2010/09/07 14:28:22.0554 nmwcd (357ddb51e03cae598c096d95497373d0) C:\Windows\system32\drivers\ccdcmb.sys

2010/09/07 14:28:22.0619 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\Windows\system32\drivers\ccdcmbo.sys

2010/09/07 14:28:22.0694 nmwcdnsu (02120406f27f5895dfce4c640e6ee237) C:\Windows\system32\drivers\nmwcdnsu.sys

2010/09/07 14:28:22.0735 nmwcdnsuc (9c5de8b7cf5680307bbdf512c9258ecc) C:\Windows\system32\drivers\nmwcdnsuc.sys

2010/09/07 14:28:22.0792 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

2010/09/07 14:28:22.0844 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2010/09/07 14:28:22.0917 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

2010/09/07 14:28:22.0991 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2010/09/07 14:28:23.0028 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2010/09/07 14:28:23.0065 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

2010/09/07 14:28:23.0110 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

2010/09/07 14:28:23.0145 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

2010/09/07 14:28:23.0238 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

2010/09/07 14:28:23.0311 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2010/09/07 14:28:23.0368 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

2010/09/07 14:28:23.0431 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2010/09/07 14:28:23.0507 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys

2010/09/07 14:28:23.0551 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

2010/09/07 14:28:23.0597 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

2010/09/07 14:28:23.0643 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2010/09/07 14:28:23.0738 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2010/09/07 14:28:23.0883 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2010/09/07 14:28:23.0916 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

2010/09/07 14:28:23.0966 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

2010/09/07 14:28:24.0043 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

2010/09/07 14:28:24.0102 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2010/09/07 14:28:24.0135 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2010/09/07 14:28:24.0185 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2010/09/07 14:28:24.0221 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2010/09/07 14:28:24.0264 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

2010/09/07 14:28:24.0283 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

2010/09/07 14:28:24.0331 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

2010/09/07 14:28:24.0386 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2010/09/07 14:28:24.0437 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

2010/09/07 14:28:24.0460 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2010/09/07 14:28:24.0510 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

2010/09/07 14:28:24.0595 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys

2010/09/07 14:28:24.0648 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2010/09/07 14:28:24.0730 RTL8169 (2fc33077f85d7dc0d03678c06d43898c) C:\Windows\system32\DRIVERS\Rtlh86.sys

2010/09/07 14:28:24.0760 RTSTOR (0d1c1b0de2819fe1ea25098183130b64) C:\Windows\system32\drivers\RTSTOR.SYS

2010/09/07 14:28:24.0805 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2010/09/07 14:28:24.0867 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2010/09/07 14:28:24.0913 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2010/09/07 14:28:24.0946 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2010/09/07 14:28:24.0977 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2010/09/07 14:28:25.0067 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

2010/09/07 14:28:25.0099 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

2010/09/07 14:28:25.0128 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

2010/09/07 14:28:25.0172 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

2010/09/07 14:28:25.0217 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

2010/09/07 14:28:25.0258 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

2010/09/07 14:28:25.0288 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

2010/09/07 14:28:25.0358 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

2010/09/07 14:28:25.0477 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\Windows\system32\DRIVERS\snp2uvc.sys

2010/09/07 14:28:25.0556 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2010/09/07 14:28:25.0636 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys

2010/09/07 14:28:25.0637 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

2010/09/07 14:28:25.0644 sptd - detected Locked file (1)

2010/09/07 14:28:25.0729 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys

2010/09/07 14:28:25.0797 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys

2010/09/07 14:28:25.0837 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys

2010/09/07 14:28:25.0899 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\Windows\system32\DRIVERS\ssmdrv.sys

2010/09/07 14:28:25.0960 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2010/09/07 14:28:26.0006 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2010/09/07 14:28:26.0048 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2010/09/07 14:28:26.0083 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2010/09/07 14:28:26.0138 SynTP (8cc32b5c9a89caea4efb68b2606e15e5) C:\Windows\system32\DRIVERS\SynTP.sys

2010/09/07 14:28:26.0233 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys

2010/09/07 14:28:26.0294 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys

2010/09/07 14:28:26.0354 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

2010/09/07 14:28:26.0390 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2010/09/07 14:28:26.0425 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2010/09/07 14:28:26.0479 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

2010/09/07 14:28:26.0522 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

2010/09/07 14:28:26.0595 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2010/09/07 14:28:26.0632 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2010/09/07 14:28:26.0687 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

2010/09/07 14:28:26.0730 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

2010/09/07 14:28:26.0780 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

2010/09/07 14:28:26.0831 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

2010/09/07 14:28:26.0872 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

2010/09/07 14:28:26.0927 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2010/09/07 14:28:26.0963 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2010/09/07 14:28:27.0005 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2010/09/07 14:28:27.0077 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files\Unlocker\UnlockerDriver5.sys

2010/09/07 14:28:27.0153 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys

2010/09/07 14:28:27.0207 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys

2010/09/07 14:28:27.0262 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2010/09/07 14:28:27.0330 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2010/09/07 14:28:27.0387 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

2010/09/07 14:28:27.0445 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

2010/09/07 14:28:27.0508 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2010/09/07 14:28:27.0543 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2010/09/07 14:28:27.0625 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2010/09/07 14:28:27.0715 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys

2010/09/07 14:28:27.0776 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys

2010/09/07 14:28:27.0863 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2010/09/07 14:28:27.0926 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2010/09/07 14:28:27.0977 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

2010/09/07 14:28:28.0047 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

2010/09/07 14:28:28.0102 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2010/09/07 14:28:28.0154 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

2010/09/07 14:28:28.0180 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

2010/09/07 14:28:28.0223 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

2010/09/07 14:28:28.0255 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2010/09/07 14:28:28.0288 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

2010/09/07 14:28:28.0355 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

2010/09/07 14:28:28.0442 Vsdatant (f1bf5561f2befea9cb6451c5ac316ec7) C:\Windows\system32\DRIVERS\vsdatant.sys

2010/09/07 14:28:28.0549 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

2010/09/07 14:28:28.0598 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2010/09/07 14:28:28.0642 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/09/07 14:28:28.0655 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/09/07 14:28:28.0735 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

2010/09/07 14:28:28.0789 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2010/09/07 14:28:28.0914 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

2010/09/07 14:28:29.0025 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

2010/09/07 14:28:29.0056 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2010/09/07 14:28:29.0114 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2010/09/07 14:28:29.0177 ================================================================================

2010/09/07 14:28:29.0177 Scan finished

2010/09/07 14:28:29.0177 ================================================================================

2010/09/07 14:28:29.0188 Detected object count: 1

2010/09/07 14:28:43.0665 Locked file(sptd) - User select action: Skip

2010/09/07 14:28:52.0473 ================================================================================

2010/09/07 14:28:52.0473 Scan started

2010/09/07 14:28:52.0473 Mode: Manual;

2010/09/07 14:28:52.0473 ================================================================================

2010/09/07 14:28:52.0773 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

2010/09/07 14:28:52.0843 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

2010/09/07 14:28:52.0903 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

2010/09/07 14:28:52.0933 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

2010/09/07 14:28:52.0966 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

2010/09/07 14:28:53.0035 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

2010/09/07 14:28:53.0086 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

2010/09/07 14:28:53.0143 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2010/09/07 14:28:53.0192 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

2010/09/07 14:28:53.0222 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

2010/09/07 14:28:53.0268 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

2010/09/07 14:28:53.0341 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

2010/09/07 14:28:53.0406 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys

2010/09/07 14:28:53.0475 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

2010/09/07 14:28:53.0508 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

2010/09/07 14:28:53.0558 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2010/09/07 14:28:53.0608 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

2010/09/07 14:28:53.0686 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys

2010/09/07 14:28:53.0730 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys

2010/09/07 14:28:53.0790 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\Windows\system32\DRIVERS\avipbb.sys

2010/09/07 14:28:53.0837 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2010/09/07 14:28:53.0907 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

2010/09/07 14:28:53.0939 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2010/09/07 14:28:53.0979 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2010/09/07 14:28:54.0011 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2010/09/07 14:28:54.0045 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2010/09/07 14:28:54.0068 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2010/09/07 14:28:54.0117 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2010/09/07 14:28:54.0142 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2010/09/07 14:28:54.0196 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

2010/09/07 14:28:54.0246 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys

2010/09/07 14:28:54.0301 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

2010/09/07 14:28:54.0349 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys

2010/09/07 14:28:54.0383 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys

2010/09/07 14:28:54.0427 btwaudio (f2f7342742180d5060285499dee50f99) C:\Windows\system32\drivers\btwaudio.sys

2010/09/07 14:28:54.0463 btwavdt (32f59f26a30cfc508da11db3ea0f8b77) C:\Windows\system32\drivers\btwavdt.sys

2010/09/07 14:28:54.0490 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys

2010/09/07 14:28:54.0522 btwrchid (03658734ef7d0f3b3f4636d3e8a38964) C:\Windows\system32\DRIVERS\btwrchid.sys

2010/09/07 14:28:54.0577 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS

2010/09/07 14:28:54.0632 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2010/09/07 14:28:54.0681 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

2010/09/07 14:28:54.0722 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

2010/09/07 14:28:54.0777 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

2010/09/07 14:28:54.0833 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

2010/09/07 14:28:54.0867 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

2010/09/07 14:28:54.0897 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

2010/09/07 14:28:54.0917 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

2010/09/07 14:28:54.0988 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

2010/09/07 14:28:55.0033 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

2010/09/07 14:28:55.0087 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

2010/09/07 14:28:55.0136 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2010/09/07 14:28:55.0202 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

2010/09/07 14:28:55.0252 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

2010/09/07 14:28:55.0302 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

2010/09/07 14:28:55.0352 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

2010/09/07 14:28:55.0396 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

2010/09/07 14:28:55.0463 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

2010/09/07 14:28:55.0515 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

2010/09/07 14:28:55.0548 fbxusb (a0a4099f99dc352b64c87684e49ce927) C:\Windows\system32\DRIVERS\fbxusb32.sys

2010/09/07 14:28:55.0575 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

2010/09/07 14:28:55.0612 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2010/09/07 14:28:55.0641 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2010/09/07 14:28:55.0674 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

2010/09/07 14:28:55.0733 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

2010/09/07 14:28:55.0773 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2010/09/07 14:28:55.0849 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

2010/09/07 14:28:55.0942 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2010/09/07 14:28:56.0000 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

2010/09/07 14:28:56.0063 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

2010/09/07 14:28:56.0106 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2010/09/07 14:28:56.0139 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2010/09/07 14:28:56.0199 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

2010/09/07 14:28:56.0235 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

2010/09/07 14:28:56.0297 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

2010/09/07 14:28:56.0321 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

2010/09/07 14:28:56.0337 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2010/09/07 14:28:56.0391 iaStor (80c633722da72e97f3f5b3b11325696d) C:\Windows\system32\drivers\iastor.sys

2010/09/07 14:28:56.0438 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

2010/09/07 14:28:56.0575 igfx (f1f52f4b4dd7cb8b47570690363f1b28) C:\Windows\system32\DRIVERS\igdkmd32.sys

2010/09/07 14:28:56.0644 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2010/09/07 14:28:56.0749 IntcAzAudAddService (219ca9a36d6de2ec04f958c907673436) C:\Windows\system32\drivers\RTKVHDA.sys

2010/09/07 14:28:56.0803 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

2010/09/07 14:28:56.0840 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2010/09/07 14:28:56.0876 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2010/09/07 14:28:56.0906 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

2010/09/07 14:28:56.0935 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2010/09/07 14:28:56.0963 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2010/09/07 14:28:56.0987 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

2010/09/07 14:28:57.0029 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

2010/09/07 14:28:57.0142 ISWKL (f2ad07d41e00d333187542a1b1d31d78) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys

2010/09/07 14:28:57.0180 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2010/09/07 14:28:57.0202 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2010/09/07 14:28:57.0231 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2010/09/07 14:28:57.0264 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys

2010/09/07 14:28:57.0329 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

2010/09/07 14:28:57.0391 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2010/09/07 14:28:57.0432 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

2010/09/07 14:28:57.0465 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

2010/09/07 14:28:57.0501 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

2010/09/07 14:28:57.0517 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2010/09/07 14:28:57.0544 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

2010/09/07 14:28:57.0586 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

2010/09/07 14:28:57.0631 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2010/09/07 14:28:57.0662 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2010/09/07 14:28:57.0692 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2010/09/07 14:28:57.0718 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2010/09/07 14:28:57.0733 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2010/09/07 14:28:57.0761 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

2010/09/07 14:28:57.0797 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2010/09/07 14:28:57.0847 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2010/09/07 14:28:57.0878 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

2010/09/07 14:28:57.0922 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

2010/09/07 14:28:57.0946 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2010/09/07 14:28:57.0971 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2010/09/07 14:28:58.0015 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

2010/09/07 14:28:58.0045 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

2010/09/07 14:28:58.0089 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2010/09/07 14:28:58.0107 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2010/09/07 14:28:58.0147 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2010/09/07 14:28:58.0186 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2010/09/07 14:28:58.0205 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2010/09/07 14:28:58.0266 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

2010/09/07 14:28:58.0302 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2010/09/07 14:28:58.0338 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2010/09/07 14:28:58.0382 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\Windows\system32\DRIVERS\ATKACPI.sys

2010/09/07 14:28:58.0414 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

2010/09/07 14:28:58.0457 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

2010/09/07 14:28:58.0504 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

2010/09/07 14:28:58.0546 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2010/09/07 14:28:58.0572 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2010/09/07 14:28:58.0591 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

2010/09/07 14:28:58.0621 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2010/09/07 14:28:58.0643 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2010/09/07 14:28:58.0703 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

2010/09/07 14:28:58.0927 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\Windows\system32\DRIVERS\NETw5v32.sys

2010/09/07 14:28:59.0081 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2010/09/07 14:28:59.0148 nmwcd (357ddb51e03cae598c096d95497373d0) C:\Windows\system32\drivers\ccdcmb.sys

2010/09/07 14:28:59.0191 nmwcdc (7cd443f9d36c80e152fadb274089577a) C:\Windows\system32\drivers\ccdcmbo.sys

2010/09/07 14:28:59.0245 nmwcdnsu (02120406f27f5895dfce4c640e6ee237) C:\Windows\system32\drivers\nmwcdnsu.sys

2010/09/07 14:28:59.0284 nmwcdnsuc (9c5de8b7cf5680307bbdf512c9258ecc) C:\Windows\system32\drivers\nmwcdnsuc.sys

2010/09/07 14:28:59.0331 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

2010/09/07 14:28:59.0371 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2010/09/07 14:28:59.0423 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

2010/09/07 14:28:59.0484 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2010/09/07 14:28:59.0522 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2010/09/07 14:28:59.0548 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

2010/09/07 14:28:59.0582 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

2010/09/07 14:28:59.0605 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

2010/09/07 14:28:59.0665 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys

2010/09/07 14:28:59.0705 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2010/09/07 14:28:59.0752 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

2010/09/07 14:28:59.0780 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2010/09/07 14:28:59.0834 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys

2010/09/07 14:28:59.0866 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

2010/09/07 14:28:59.0912 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

2010/09/07 14:28:59.0947 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2010/09/07 14:29:00.0010 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2010/09/07 14:29:00.0087 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2010/09/07 14:29:00.0121 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

2010/09/07 14:29:00.0159 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

2010/09/07 14:29:00.0227 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

2010/09/07 14:29:00.0306 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2010/09/07 14:29:00.0340 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2010/09/07 14:29:00.0367 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2010/09/07 14:29:00.0393 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2010/09/07 14:29:00.0430 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

2010/09/07 14:29:00.0445 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

2010/09/07 14:29:00.0492 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

2010/09/07 14:29:00.0513 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2010/09/07 14:29:00.0553 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

2010/09/07 14:29:00.0576 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2010/09/07 14:29:00.0627 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

2010/09/07 14:29:00.0699 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys

2010/09/07 14:29:00.0741 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2010/09/07 14:29:00.0778 RTL8169 (2fc33077f85d7dc0d03678c06d43898c) C:\Windows\system32\DRIVERS\Rtlh86.sys

2010/09/07 14:29:00.0797 RTSTOR (0d1c1b0de2819fe1ea25098183130b64) C:\Windows\system32\drivers\RTSTOR.SYS

2010/09/07 14:29:00.0831 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2010/09/07 14:29:00.0894 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2010/09/07 14:29:00.0929 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2010/09/07 14:29:00.0961 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2010/09/07 14:29:00.0992 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2010/09/07 14:29:01.0027 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

2010/09/07 14:29:01.0059 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

2010/09/07 14:29:01.0088 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

2010/09/07 14:29:01.0120 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

2010/09/07 14:29:01.0155 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

2010/09/07 14:29:01.0184 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

2010/09/07 14:29:01.0215 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

2010/09/07 14:29:01.0274 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

2010/09/07 14:29:01.0360 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\Windows\system32\DRIVERS\snp2uvc.sys

2010/09/07 14:29:01.0449 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2010/09/07 14:29:01.0520 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys

2010/09/07 14:29:01.0520 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

2010/09/07 14:29:01.0523 sptd - detected Locked file (1)

2010/09/07 14:29:01.0555 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys

2010/09/07 14:29:01.0574 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys

2010/09/07 14:29:01.0596 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys

2010/09/07 14:29:01.0659 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\Windows\system32\DRIVERS\ssmdrv.sys

2010/09/07 14:29:01.0698 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2010/09/07 14:29:01.0732 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2010/09/07 14:29:01.0763 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2010/09/07 14:29:01.0798 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2010/09/07 14:29:01.0853 SynTP (8cc32b5c9a89caea4efb68b2606e15e5) C:\Windows\system32\DRIVERS\SynTP.sys

2010/09/07 14:29:01.0927 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys

2010/09/07 14:29:01.0998 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys

2010/09/07 14:29:02.0036 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

2010/09/07 14:29:02.0061 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2010/09/07 14:29:02.0095 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2010/09/07 14:29:02.0150 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

2010/09/07 14:29:02.0193 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

2010/09/07 14:29:02.0243 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2010/09/07 14:29:02.0280 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2010/09/07 14:29:02.0324 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

2010/09/07 14:29:02.0357 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

2010/09/07 14:29:02.0396 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

2010/09/07 14:29:02.0446 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

2010/09/07 14:29:02.0489 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

2010/09/07 14:29:02.0531 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2010/09/07 14:29:02.0568 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2010/09/07 14:29:02.0609 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2010/09/07 14:29:02.0680 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files\Unlocker\UnlockerDriver5.sys

2010/09/07 14:29:02.0735 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys

2010/09/07 14:29:02.0788 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys

2010/09/07 14:29:02.0888 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2010/09/07 14:29:02.0923 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2010/09/07 14:29:02.0980 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

2010/09/07 14:29:03.0027 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

2010/09/07 14:29:03.0067 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2010/09/07 14:29:03.0102 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2010/09/07 14:29:03.0173 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2010/09/07 14:29:03.0230 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys

2010/09/07 14:29:03.0279 UsbserFilt (5c17e6a11aa8be53f79fd364ba19f0ce) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys

2010/09/07 14:29:03.0333 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2010/09/07 14:29:03.0396 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2010/09/07 14:29:03.0436 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

2010/09/07 14:29:03.0484 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

2010/09/07 14:29:03.0517 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2010/09/07 14:29:03.0546 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

2010/09/07 14:29:03.0573 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

2010/09/07 14:29:03.0604 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

2010/09/07 14:29:03.0636 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2010/09/07 14:29:03.0669 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

2010/09/07 14:29:03.0725 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

2010/09/07 14:29:03.0779 Vsdatant (f1bf5561f2befea9cb6451c5ac316ec7) C:\Windows\system32\DRIVERS\vsdatant.sys

2010/09/07 14:29:03.0841 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

2010/09/07 14:29:03.0879 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2010/09/07 14:29:03.0911 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/09/07 14:29:03.0918 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/09/07 14:29:03.0960 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

2010/09/07 14:29:03.0984 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2010/09/07 14:29:04.0050 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

2010/09/07 14:29:04.0117 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

2010/09/07 14:29:04.0148 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2010/09/07 14:29:04.0206 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2010/09/07 14:29:04.0237 ================================================================================

2010/09/07 14:29:04.0237 Scan finished

2010/09/07 14:29:04.0237 ================================================================================

2010/09/07 14:29:04.0240 Detected object count: 1

2010/09/07 14:29:20.0791 Locked file(sptd) - User select action: Skip

 

Et voici le rapport Rkill : Pour le faire, j’ai juste cliqué dessus, le clique droit ne présentait pas l’option « Exécuter en temps qu’Administrateur ».

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Ran as C‚drinette on 07/09/2010 at 14:40:18.

 

 

Services Stopped:

 

 

Processes terminated by Rkill or while it was running:

 

 

C:\Users\Cédrinette\Desktop\rkill.com

 

 

Rkill completed on 07/09/2010 at 14:40:21.

L’analyse MBAM est en train de se faire. Je le poste sous peu.

En attendant, juste un question : Voilà, je n’utilise que le pare-feu de Windows Vista, est-il nécessaire d’en prendre un autre ?

[Sorsha]

MBAM n'indique aucun infection, pourtant, je n'arrive à ouvrir AUCUN dossier (je peux cependant lire les fichiers). Soit VLC s'ouvre quand je clique sur un dossier ou il m'indique que c'est carrément impossible d'y accéder. L'ordi rame un peu et le dossier Antimalware Doctor apparaît toujours dans ma liste de programmes (il a pourtant été effacé d'après CCleaner). Encore merci pour votre aide !

Voici le rapport MBAM :

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4564

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18943

 

08/09/2010 12:35:04

mbam-log-2010-09-08 (12-35-04).txt

 

Type d'examen: Examen complet (C:\|)

Elément(s) analysé(s): 372340

Temps écoulé: 2 heure(s), 20 minute(s), 36 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

[Sorsha]

up^^

[Sorsha]

Personne ne peut m'aider ?

Le problème est toujours là, je crois que je vais devoir formater...Je voudrais éviter ça d'autant que ne pouvant plus accéder à mes dossiers, je vais perdre pas mal de fichiers, mais là, je ne sais pas quoi faire et visiblement je ne suis pas seule à avoir choper ce virus qui semble retors.

Si quelqu'un peut m'aider, ça serait vraiment chouette.

Merci d'avance !