Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Infection tenance (Artemis!A21F3188EAC8)

Platzounet

Par Platzounet
dans Analyses et éradication malwares

 Partager

Messages recommandés

Platzounet Junior Member

Platzounet

Posté(e)
Posté(e) (modifié)

Bonjour,

 

Je viens solliciter vos compétences, car apparemment j'ai chopé un sale truc...

 

L'antivirus McAfee me repère régulièrement des Trojans dont les noms varient (récemment Artemis!A21F3188EAC8), supprime des .exe dans le dossier /Temp dont les noms sont apparemment générés de manière aléatoire, des onglets apparaissent de temps à autre avec de la Pub dans Firefox...

 

Voilà ce que j'ai déjà fait:

 

Scan McAfee --> netoyage des fichiers infectés

 

Scan Malwarebytes --> Netoyage des fichiers

 

Spybot - Search & Destroy idem

 

Redémarage...

 

J'ai aussi souvent des plantages lors de la mise en veille alors que mon Seven (je m'en réjouissais il y a quelques jours) ne plantait quasiment jamais depuis un an (que je l'ai)...

 

Au redémarrage des fenêtres (windows blank) s'ouvrent et se referment seules... (j'ai pu voir le nom d'une de ces fenêtre "hello2" une fois que le PC ramait un peu au démarrage)

 

Mais, le matou revient... il est toujours vivaaaant.

 

J'avais fait un point de restauration d'image système cet été... je peux peut-être essayer, mais est-ce efficace pour ce genre de pb?

 

A noter :

 

1. que j'ai fait tout cela sans désactiver la restauration système (peur de perdre mon image système...)

 

2. que je n'ai pas encore fait ces opérations en mode sans échec

 

Je vous joins un rapport ZHPDiag

 

Et je vous remercie en avance!!!

 

---------------------------

 

Rapport de ZHPDiag v1.27.1421 par Nicolas Coolman, Update du 16/12/2010

Run by Olivier Martin at 19/01/2011 22:31:05

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385

MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

 

---\\ System Information

Windows 7 Home Premium Edition, 64-bit (Build 7600)

Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4094 MB (64% free)

System drive C: has 405 GB (58%) free of 689 GB

 

---\\ Logged in mode

Computer Name: HOME-FIXE

User Name: Olivier Martin

All Users Names: __vmware_user__, Olivier Martin, HomeGroupUser$, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 405 Go of 689 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 148 Go of 699 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.F170B4A061C9E026437B193B4D571799] - (.Microsoft Corporation - Explorateur Windows.) (.03/08/2009 07:17:37.) -- C:\Windows\Explorer.exe [2868224]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]

 

 

---\\ Processus lancés

[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240]

[MD5.435F79D364B796A4EA0B5CAF24CA78BD] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200]

[MD5.A531E07BBF9BC1CF4EA8BA2F760E3FEE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [15028104]

[MD5.93CDF9D554BA63AD82DD745528DD55FA] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [33796]

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552]

[MD5.2CE8F1C52F490875592166316C512B6F] - (.Skype Technologies - Skype Extras Manager.) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe [80256]

[MD5.0FE0EDF01CEA3BEB2E65A904BB87525E] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray .exe [640376]

[MD5.4902FB4175DFA4B6EF8DD3A8F861C12F] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray .exe [129584]

[MD5.76375D7763C9B56C0E96AE30F6160DFF] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote .exe [600256]

[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [912344]

[MD5.BCA1AF2075989E9671EF4CB9369D10AF] - (.Mozilla Messaging - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [12584112]

[MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856]

[MD5.806A8E35707BEA615B209001E544F0F0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [620544]

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.LizardTech - DjVu Plug-In(external version 6.1.4.2013).) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdjvu.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

M2 - MFEP: prefs.js [Olivier Martin - monl468j.default\zotero@chnm.gmu.edu] [] Zotero v2.0rc5 (.Center for History and New Media<br/>George Mason University.)

 

 

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (.Pas de propriétaire - Pas de description.) -- c:\progra~1\mcafee\msk\mskapbho.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: SwissAcademic.Citavi.IEPicker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- mscoree.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105131049.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [vmware-tray] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

O4 - HKLM\..\Run: [agentantidote.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe

O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [AdobeCS4ServiceManager] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [vmware-tray] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe

O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [AdobeBridge] Clé orpheline

O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [!SearchquFF] C:\Windows\TEMP\INSTAL~1.dllystemid=402&q=, (.not file.)

O4 - HKUS\S-1-5-18\..\RunOnce: [!SearchquFF] C:\Windows\TEMP\INSTAL~1.dllystemid=402&q=, (.not file.)

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Citavi 3.lnk . (.Swiss Academic Software.) -- C:\Program Files (x86)\Citavi 3\bin\Citavi.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Dead Sea Scrolls.lnk . (.Brigham Young University.) -- C:\Program Files (x86)\Brigham Young University\Dead Sea Scrolls Electronic Library\wcUView.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\GanttProject.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\GanttProject\ganttproject.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Olivier Martin\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files (x86)\JDownloader\JDownloader.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Olive Portable.lnk - Clé orpheline

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\PDF Sam.lnk . (.by Framasoft.) -- C:\Users\Olivier Martin\Desktop\PortablePDFSAM\PortablePDFSAM\PortablePDFSAM.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Polices - Raccourci.lnk - Clé orpheline

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Sticky Notes.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\StikyNot.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\SyncBack.lnk . (.2BrightSparks.) -- C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\Travail - UPVM.lnk . (.Pas de propriétaire.) -- \\PORTABLEUPVM\Documents and Settings\Olive\Mes documents\Travail (.not file.)

O4 - Global Startup: C:\Documents And Settings\Olivier Martin\Desktop\VMware Player.lnk . (.VMware, Inc..) -- C:\Program Files (x86)\VMware\VMware Workstation\vmplayer.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\AD-R.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Ad-Remover\main.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Citavi 3.lnk . (.Swiss Academic Software.) -- C:\Program Files (x86)\Citavi 3\bin\Citavi.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Dead Sea Scrolls.lnk . (.Brigham Young University.) -- C:\Program Files (x86)\Brigham Young University\Dead Sea Scrolls Electronic Library\wcUView.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\GanttProject.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\GanttProject\ganttproject.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Olivier Martin\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files (x86)\JDownloader\JDownloader.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Olive Portable.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\PDF Sam.lnk . (.by Framasoft.) -- C:\Users\Olivier Martin\Desktop\PortablePDFSAM\PortablePDFSAM\PortablePDFSAM.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Polices - Raccourci.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Sticky Notes.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\StikyNot.exe (.not file.)

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\SyncBack.lnk . (.2BrightSparks.) -- C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\Travail - UPVM.lnk . (.Pas de propriétaire.) -- \\PORTABLEUPVM\Documents and Settings\Olive\Mes documents\Travail (.not file.)

O4 - Global Startup: C:\Users\Olivier Martin\Desktop\VMware Player.lnk . (.VMware, Inc..) -- C:\Program Files (x86)\VMware\VMware Workstation\vmplayer.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Olivier Martin\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk . (.Christian Kindahl.) -- C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk . (.inkscape.org.) -- C:\Program Files (x86)\Inkscape\inkscape.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk . (.VMware, Inc..) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe

O4 - Global Startup: C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Citavi Picker... - (.not file.) - file:\\C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O8 - Extra context menu item: Ajouter à un fichier PDF existant . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir au format Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.exe

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} . (.not file.) - (.not file.)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MICROS~2\Office12\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} (Environnement d'exécution Java 1.3.1_18) - http://java.sun.com/products/plugin/autodl/jinstall-1_3_1_18-windows-i586.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{E73304EA-CC94-44C8-9506-F37CBB613A0A}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{E73304EA-CC94-44C8-9506-F37CBB613A0A}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{E73304EA-CC94-44C8-9506-F37CBB613A0A}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: (Brother XP spl Service) . (.brother Industries Ltd - brsvc01a.) - C:\Windows\SysWOW64\brsvc01a.exe

O23 - Service: (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

O23 - Service: (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

O23 - Service: (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

O23 - Service: (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: (nvsvc) - Clé orpheline

O23 - Service: (TabletService) - Clé orpheline

O23 - Service: (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

O23 - Service: (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe

O23 - Service: (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\system32\vmnat.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SyncBack Sauvegarde mail.job

[MD5.00000000000000000000000000000000] [APT] [93a3748c] (.Pas de propriétaire.) -- C:\Users\Oliv-S~1\AppData\Local\Temp\setup783426956.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [ece92408] (.Pas de propriétaire.) -- C:\Users\Oliv-S~1\AppData\Local\Temp\setup3803102088.exe (.not file.)

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.A531E07BBF9BC1CF4EA8BA2F760E3FEE] [APT] [{A16D3EF2-AEAE-4AD0-A832-CDFC609BED34}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\Windows\SysWow64\Macromed\Flash\Flash10e.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys

O41 - Driver: (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\System32\DRIVERS\mfenlfk.sys

O41 - Driver: McAfee Inc. mfewfpk (mfewfpk) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\System32\drivers\mfewfpk.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - Pilote TCP/IP.) - C:\Windows\System32\drivers\tcpip.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VBoxDrv) . (.Oracle Corporation - VirtualBox Support Driver.) - C:\Windows\System32\DRIVERS\VBoxDrv.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {197A3012-8C85-4FD3-AB66-9EC7E13DB92E}

O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}

O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {1618734A-3957-4ADD-8199-F973763109A8}

O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {83877DB1-8B77-45BC-AB43-2BAC22E093E0}

O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {94D398EB-D2FD-4FD1-B8C4-592635E8A191}

O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0F723FC1-7606-4867-866C-CE80AD292DAF}

O42 - Logiciel: Adobe Color - Photoshop Specific CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

O42 - Logiciel: Adobe Color EU Recommended Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}

O42 - Logiciel: Adobe Color JA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {0D6013AB-A0C7-41DC-973C-E93129C9A29F}

O42 - Logiciel: Adobe Color NA Extra Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {098A2A49-7CF3-4F08-A38D-FB879117152A}

O42 - Logiciel: Adobe Color Video Profiles CS CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {63C24A08-70F3-4C8E-B9FB-9F21A903801D}

O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C52E3EC1-048C-45E1-8D53-10B0C6509683}

O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {67F0E67A-8E93-4C2C-B29D-47C48262738A}

O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_acce07fd2c8fe7f9e3f26243e626578

O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {30C8AA56-4088-426F-91D1-0EDFD3A25678}

O42 - Logiciel: Adobe Drive CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {16E16F01-2E2D-4248-A42F-76261C147B6C}

O42 - Logiciel: Adobe Dynamiclink Support - (.Adobe Systems Incorporated.) [HKLM] -- {60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}

O42 - Logiciel: Adobe Encore CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {5EAD5443-7194-46CC-A055-428E6ABB1BAF}

O42 - Logiciel: Adobe Encore CS4 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {FB2A5FCC-B81B-48C2-A009-7804694D83E9}

O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {054EFA56-2AC1-48F4-A883-0AB89874B972}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

O42 - Logiciel: Adobe InDesign CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_95e0cc74dbf32662d4445ac1ef67d56

O42 - Logiciel: Adobe InDesign CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {C9FDFA53-88D0-42C6-94E8-244016267C50}

O42 - Logiciel: Adobe InDesign CS4 Application Feature Set Files (Middle-Eastern) - (.Adobe Systems Incorporated.) [HKLM] -- {EEA247F1-C478-405A-B59A-C29585D8DF27}

O42 - Logiciel: Adobe InDesign CS4 Common Base Files - (.Adobe Systems Incorporated.) [HKLM] -- {B7F12CF1-B81C-47C9-835C-5486ED89B8CE}

O42 - Logiciel: Adobe InDesign CS4 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {3E0D6B4E-99E6-445F-B83D-E13638CA2008}

O42 - Logiciel: Adobe Linguistics CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {931AB7EA-3656-4BB7-864D-022B09E3DD67}

O42 - Logiciel: Adobe Media Encoder CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}

O42 - Logiciel: Adobe Media Encoder CS4 Additional Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {BE9CEAAA-F069-4331-BF2F-8D350F6504F4}

O42 - Logiciel: Adobe Media Encoder CS4 Dolby - (.Adobe Systems Incorporated.) [HKLM] -- {EE353798-E875-42E0-B58D-7E6696182EA8}

O42 - Logiciel: Adobe Media Encoder CS4 Exporter - (.Adobe Systems Incorporated.) [HKLM] -- {561968FD-56A1-49FD-9ED0-F55482C7C5BC}

O42 - Logiciel: Adobe Media Encoder CS4 Importer - (.Adobe Systems Incorporated.) [HKLM] -- {8186FF34-D389-4B7E-9A2F-C197585BCFBD}

O42 - Logiciel: Adobe OnLocation CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {7406DF60-016D-476B-A2C7-55D997592047}

O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.) [HKLM] -- {BB4E33EC-8181-4685-96F7-8554293DEC6A}

O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {F93C84A6-0DC6-42AF-89FA-776F7C377353}

O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_faf656ef605427ee2f42989c3ad31b8

O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}

O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {E4848436-0345-47E2-B648-8B522FCDA623}

O42 - Logiciel: Adobe Photoshop CS4 Support - (.Adobe Systems Incorporated.) [HKLM] -- {63E5CDBF-8214-4F03-84F8-CD3CE48639AD}

O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_26b63376f4efc354dae41af6b5e3343

O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {D499F8DE-3F31-4900-9157-61061613704B}

O42 - Logiciel: Adobe Premiere Pro CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}

O42 - Logiciel: Adobe Premiere Pro CS4 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}

O42 - Logiciel: Adobe Premiere Pro CS4 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {C938BE91-3BB5-4B84-9EF6-88F0505D0038}

O42 - Logiciel: Adobe Reader 9.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001}

O42 - Logiciel: Adobe SGM CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}

O42 - Logiciel: Adobe SING CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {4A52555C-032A-4083-BDD9-6A85ABFB39A8}

O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.) [HKLM] -- {F0E64E2E-3A60-40D8-A55D-92F6831875DA}

O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.) [HKLM] -- {4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {566BB41D-F006-4956-A5D3-94D8DFFA7F51}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {F49C5BB6-77AF-40EA-AD40-C54FDB05803D}

O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {78C2BDCD-79EB-4151-A113-C06E9A9678D6}

O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

O42 - Logiciel: AdobeColorCommonSetCMYK - (.Adobe Systems Incorporated.) [HKLM] -- {68243FF8-83CA-466B-B2B8-9F99DA5479C4}

O42 - Logiciel: AdobeColorCommonSetRGB - (.Adobe Systems Incorporated.) [HKLM] -- {16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM] -- Akamai

O42 - Logiciel: Antidote HD - (.Druide informatique inc..) [HKLM] -- {56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: BibleWorks 6 - (.Pas de propriétaire.) [HKLM] -- {F5CD130F-5789-4D38-8762-FFBEBA896805}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Citavi - (.Swiss Academic Software.) [HKLM] -- {E12C6653-1FF0-4686-ADB8-589C13AE761F}

O42 - Logiciel: CloneCD - (.SlySoft.) [HKLM] -- CloneCD

O42 - Logiciel: Connect - (.Adobe Systems Incorporated.) [HKLM] -- {B29AD377-CC12-490A-A480-1452337C618D}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: Dead Sea Scrolls Electronic Library - (.Brigham Young University.) [HKLM] -- {F8C669F9-91F8-48C4-8E52-742FA6B855D4}

O42 - Logiciel: EndNote X1 - (.Thomson ResearchSoft.) [HKLM] -- {87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}

O42 - Logiciel: Environnement d'exécution Java 2, Standard Edition v1.3.1_18 - (.Pas de propriétaire.) [HKLM] -- {68249B78-B714-11D7-88E8-0050DA21757E}

O42 - Logiciel: FileZilla Client 3.3.0.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}

O42 - Logiciel: GanttProject - (.Pas de propriétaire.) [HKLM] -- GanttProject

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}

O42 - Logiciel: HHD Software Hex Editor Neo 4.95 - (.HHD Software, Ltd..) [HKCU] -- {8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}

O42 - Logiciel: ISI ResearchSoft - Export Helper - (.Pas de propriétaire.) [HKLM] -- ISI ResearchSoft - Export Helper

O42 - Logiciel: InfraRecorder - (.Pas de propriétaire.) [HKLM] -- InfraRecorder

O42 - Logiciel: Inkscape 0.48.0 - (.Pas de propriétaire.) [HKLM] -- Inkscape

O42 - Logiciel: Inscriptifact 8.0.0 - (.University Of Southern California.) [HKCU] -- Inscriptifact 8.0.0

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader

O42 - Logiciel: Java 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216014FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}

O42 - Logiciel: Lizardtech DjVu Control - (.Pas de propriétaire.) [HKLM] -- {105CFC7C-6992-11D5-BD9D-000102C10FD8}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM] -- MSC

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: Mozilla Thunderbird (3.1.7) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (3.1.7)

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PC Library - (.Pas de propriétaire.) [HKLM] -- PC Library

O42 - Logiciel: PDF Settings CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.) [HKLM] -- {CC75AB5C-2110-4A7F-AF52-708680D22FE8}

O42 - Logiciel: PowerDVD DX - (.CyberLink Corp..) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9}

O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}

O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {04F3038E-4120-44CC-B330-E05F737246A5}

O42 - Logiciel: SIW version 2009.10.22 - (.Topala Software Solutions.) [HKLM] -- {AB67580-257C-45FF-B8F4-C8C30682091A}_is1

O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

O42 - Logiciel: Skype 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.) [HKLM] -- {3D45A3B6-BC6D-4F7A-B311-2C4773530D68}

O42 - Logiciel: SyncBack - (.2BrightSparks.) [HKLM] -- SyncBack_is1

O42 - Logiciel: Tablette - (.Wacom Technology Corp..) [HKLM] -- Tablet Driver

O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation

O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}

O42 - Logiciel: WinSoftME - (.Adobe Systems Incorporated.) [HKLM] -- {304C91E3-C95D-4785-8EA8-5AAAA88FA3B4}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger

O42 - Logiciel: kuler - (.Adobe Systems Incorporated.) [HKLM] -- {098727E1-775A-4450-B573-3F441F1CA243}

O42 - Logiciel: theWord - (.Pas de propriétaire.) [HKLM] -- The Word

O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249}

O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65}

O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464}

O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}

O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}

O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-Zip]

[HKCU\Software\Academic Software Zurich]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow]

[HKCU\Software\Brigham Young University]

[HKCU\Software\Brother]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Cyberlink]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\DT Soft]

[HKCU\Software\DVD Shrink]

[HKCU\Software\Dell]

[HKCU\Software\Druide informatique inc.]

[HKCU\Software\Google]

[HKCU\Software\HHD Software]

[HKCU\Software\ISA2]

[HKCU\Software\ISI ResearchSoft]

[HKCU\Software\InfraRecorder]

[HKCU\Software\JavaSoft]

[HKCU\Software\LizardTech]

[HKCU\Software\Logitech]

[HKCU\Software\MJLSoftware]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Adobe2)]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\McAfee]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Roxio]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\SkypeApps]

[HKCU\Software\Skype]

[HKCU\Software\SlySoft]

[HKCU\Software\Swiss Academic Software]

[HKCU\Software\TechSmith]

[HKCU\Software\Thunderbird]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\VMware, Inc.]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKLM\Software\ALWIL Software]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\BibleWorks]

[HKLM\Software\Brigham Young University]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DT Soft]

[HKLM\Software\Dell]

[HKLM\Software\Druide informatique inc.]

[HKLM\Software\Elaborate Bytes]

[HKLM\Software\FileZilla 3]

[HKLM\Software\FullCircle]

[HKLM\Software\Google]

[HKLM\Software\ISA2]

[HKLM\Software\Intel]

[HKLM\Software\JOANNEUM RESEARCH]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\LizardTech]

[HKLM\Software\MAXSOFT-OCRON]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfee.com]

[HKLM\Software\McAfeeInstaller]

[HKLM\Software\McAfee]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Novell]

[HKLM\Software\ODBC]

[HKLM\Software\PC-Doctor]

[HKLM\Software\Policies]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Roxio]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Skype]

[HKLM\Software\SlySoft]

[HKLM\Software\SoftThinks]

[HKLM\Software\Sonic]

[HKLM\Software\ThinPrint]

[HKLM\Software\VMware, Inc.]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Wacom]

[HKLM\Software\WinSoft]

[HKLM\Software\Windows]

[HKLM\Software\Wise Solutions]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 24/08/2010 - 08:32:56 ----D- C:\Program Files\Adobe

O43 - CFD: 14/02/2010 - 17:20:30 ----D- C:\Program Files\Common Files

O43 - CFD: 01/09/2010 - 12:29:24 ----D- C:\Program Files\Defraggler

O43 - CFD: 12/11/2009 - 13:31:56 ----D- C:\Program Files\Dell

O43 - CFD: 12/11/2009 - 13:16:34 ----D- C:\Program Files\Dell Inc

O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\DVD Maker

O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 20/11/2009 - 16:19:52 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 12/11/2009 - 13:18:08 ----D- C:\Program Files\Java

O43 - CFD: 30/08/2010 - 14:03:10 ----D- C:\Program Files\McAfee

O43 - CFD: 30/08/2010 - 14:02:38 ----D- C:\Program Files\McAfee.com

O43 - CFD: 14/07/2009 - 16:35:26 ----D- C:\Program Files\Microsoft Games

O43 - CFD: 19/11/2009 - 23:09:36 ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild

O43 - CFD: 02/09/2010 - 13:10:42 ----D- C:\Program Files\Oracle

O43 - CFD: 12/11/2009 - 13:12:02 ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 16:35:28 ----D- C:\Program Files\Windows Journal

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Mail

O43 - CFD: 19/11/2009 - 18:52:20 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 17/11/2009 - 15:23:14 ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 21/11/2009 - 15:42:16 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 14/02/2010 - 17:20:30 ----D- C:\Program Files\Common Files\logishrd

O43 - CFD: 20/11/2009 - 14:43:34 ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD: 30/08/2010 - 14:02:04 ----D- C:\Program Files\Common Files\McAfee

O43 - CFD: 22/11/2009 - 20:13:46 ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System

O43 - CFD: 24/01/2010 - 14:40:14 ----D- C:\ProgramData\Adobe

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 17/11/2009 - 15:34:58 ----D- C:\ProgramData\Brigham Young University

O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 26/12/2009 - 12:25:24 ----D- C:\ProgramData\CyberLink

O43 - CFD: 24/11/2009 - 15:06:20 ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 07/02/2010 - 18:37:44 ----D- C:\ProgramData\Dell

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents

O43 - CFD: 20/08/2010 - 15:55:22 ----D- C:\ProgramData\DVD Shrink

O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 07/06/2010 - 15:20:58 ----D- C:\ProgramData\FLEXnet

O43 - CFD: 22/10/2010 - 13:36:20 ----D- C:\ProgramData\Gibraltar

O43 - CFD: 12/11/2009 - 13:31:38 ----D- C:\ProgramData\Macrovision

O43 - CFD: 21/08/2010 - 10:41:50 ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 18/11/2009 - 21:37:46 ----D- C:\ProgramData\McAfee

O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 05/11/2010 - 15:07:48 ----D- C:\ProgramData\Microsoft

O43 - CFD: 23/11/2009 - 14:38:36 ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 17/11/2009 - 15:23:14 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 17/11/2009 - 15:28:16 ----D- C:\ProgramData\NVIDIA

O43 - CFD: 12/11/2009 - 13:21:34 ----D- C:\ProgramData\PCDr

O43 - CFD: 21/11/2009 - 15:41:32 ----D- C:\ProgramData\SafeNet Sentinel

O43 - CFD: 12/12/2010 - 09:43:10 ----D- C:\ProgramData\Skype

O43 - CFD: 07/01/2010 - 14:48:30 ----D- C:\ProgramData\SlySoft

O43 - CFD: 12/11/2009 - 13:31:46 ----D- C:\ProgramData\Sonic

O43 - CFD: 17/01/2011 - 16:10:40 ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 17/01/2011 - 17:18:04 ----D- C:\ProgramData\Sun

O43 - CFD: 22/10/2010 - 13:30:18 ----D- C:\ProgramData\Swiss Academic Software

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates

O43 - CFD: 24/09/2010 - 10:43:26 ----D- C:\ProgramData\The Word

O43 - CFD: 12/11/2009 - 13:31:48 ----D- C:\ProgramData\Uninstall

O43 - CFD: 18/01/2011 - 07:22:28 ----D- C:\ProgramData\VMware

O43 - CFD: 21/11/2009 - 15:41:30 ----D- C:\ProgramData\WinSoft

O43 - CFD: 18/02/2010 - 14:51:54 ----D- C:\ProgramData\Yahoo!

O43 - CFD: 21/11/2009 - 15:42:16 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 14/02/2010 - 17:20:30 ----D- C:\Program Files\Common Files\logishrd

O43 - CFD: 20/11/2009 - 14:43:34 ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD: 30/08/2010 - 14:02:04 ----D- C:\Program Files\Common Files\McAfee

O43 - CFD: 22/11/2009 - 20:13:46 ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Common Files\System

O43 - CFD: 29/11/2009 - 10:03:22 ----D- C:\Program Files (x86)\2BrightSparks

O43 - CFD: 20/11/2009 - 01:58:12 ----D- C:\Program Files (x86)\7-Zip

O43 - CFD: 17/01/2011 - 20:26:24 ----D- C:\Program Files (x86)\Ad-Remover

O43 - CFD: 24/01/2010 - 14:39:06 ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 24/08/2010 - 08:44:24 ----D- C:\Program Files (x86)\Adobe Reader 64-bit fixes

O43 - CFD: 17/11/2009 - 16:01:20 ----D- C:\Program Files (x86)\BibleWorks 6

O43 - CFD: 17/11/2009 - 15:31:44 ----D- C:\Program Files (x86)\Brigham Young University

O43 - CFD: 23/08/2010 - 13:37:16 ----D- C:\Program Files (x86)\CCleaner

O43 - CFD: 22/10/2010 - 13:30:10 ----D- C:\Program Files (x86)\Citavi 3

O43 - CFD: 17/01/2011 - 17:18:04 ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 12/11/2009 - 13:25:32 ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 15/01/2010 - 22:00:26 ----D- C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 07/02/2010 - 18:29:16 ----D- C:\Program Files (x86)\Dell

O43 - CFD: 23/08/2010 - 14:01:10 ----D- C:\Program Files (x86)\Druide

O43 - CFD: 23/01/2010 - 11:57:12 ----D- C:\Program Files (x86)\DVD Shrink

O43 - CFD: 29/08/2010 - 09:50:32 ----D- C:\Program Files (x86)\EndNote X1

O43 - CFD: 29/11/2009 - 09:38:00 ----D- C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 20/04/2010 - 08:14:20 ----D- C:\Program Files (x86)\Free Download Manager

O43 - CFD: 03/01/2011 - 09:30:30 ----D- C:\Program Files (x86)\GanttProject

O43 - CFD: 29/09/2010 - 17:31:30 ----D- C:\Program Files (x86)\Google

O43 - CFD: 24/11/2009 - 23:35:22 ----D- C:\Program Files (x86)\InfraRecorder

O43 - CFD: 01/12/2010 - 19:00:38 ----D- C:\Program Files (x86)\Inkscape

O43 - CFD: 20/08/2010 - 14:28:32 --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 12/11/2009 - 13:18:14 ----D- C:\Program Files (x86)\Intel

O43 - CFD: 08/01/2010 - 10:42:50 ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 01/10/2010 - 10:52:30 ----D- C:\Program Files (x86)\ISA2

O43 - CFD: 17/01/2011 - 17:17:52 ----D- C:\Program Files (x86)\Java

O43 - CFD: 24/02/2010 - 13:39:20 ----D- C:\Program Files (x86)\JavaSoft

O43 - CFD: 08/01/2011 - 23:30:34 ----D- C:\Program Files (x86)\JDownloader

O43 - CFD: 23/01/2010 - 10:07:58 ----D- C:\Program Files (x86)\LizardTech

O43 - CFD: 14/01/2011 - 08:50:10 ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 30/08/2010 - 23:21:52 ----D- C:\Program Files (x86)\McAfee

O43 - CFD: 01/09/2010 - 06:52:20 ----D- C:\Program Files (x86)\McAfee.com

O43 - CFD: 12/11/2009 - 13:28:48 ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 19/11/2009 - 23:11:54 ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 14/11/2010 - 08:53:34 ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 12/11/2009 - 13:30:00 ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 12/11/2009 - 13:30:54 ----D- C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 19/11/2009 - 23:11:54 ----D- C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 19/11/2009 - 23:09:24 ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 26/11/2009 - 22:09:30 ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 19/11/2009 - 23:11:38 ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 10/12/2010 - 10:55:20 ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 12/12/2010 - 09:42:56 ----D- C:\Program Files (x86)\Mozilla Thunderbird

O43 - CFD: 19/11/2009 - 23:11:58 ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 23/11/2009 - 09:57:24 ----D- C:\Program Files (x86)\MSECache

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 12/11/2009 - 13:31:40 ----D- C:\Program Files (x86)\Roxio

O43 - CFD: 27/11/2009 - 11:37:40 ----D- C:\Program Files (x86)\SIW

O43 - CFD: 12/12/2010 - 09:43:38 R---D- C:\Program Files (x86)\Skype

O43 - CFD: 30/01/2010 - 15:34:10 ----D- C:\Program Files (x86)\SlySoft

O43 - CFD: 17/01/2011 - 20:39:18 ----D- C:\Program Files (x86)\Spybot - Search & Destroy

O43 - CFD: 12/02/2010 - 13:01:20 ----D- C:\Program Files (x86)\Tablet

O43 - CFD: 12/02/2010 - 12:59:58 ----D- C:\Program Files (x86)\TabletPlugins

O43 - CFD: 12/02/2010 - 11:33:20 ----D- C:\Program Files (x86)\Tablette

O43 - CFD: 24/09/2010 - 10:43:58 ----D- C:\Program Files (x86)\The Word

O43 - CFD: 13/01/2011 - 20:11:48 ----D- C:\Program Files (x86)\Trend Micro

O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 19/03/2010 - 10:10:58 ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 20/04/2010 - 15:01:28 ----D- C:\Program Files (x86)\VMware

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 12/11/2009 - 13:31:12 ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 12/11/2009 - 13:28:30 ----D- C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 15/01/2011 - 17:35:40 ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 18/02/2010 - 14:51:50 ----D- C:\Program Files (x86)\Yahoo!

O43 - CFD: 19/01/2011 - 22:31:20 ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 21/11/2009 - 15:43:28 ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 20/11/2009 - 14:44:54 ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 18/01/2011 - 07:22:30 ----D- C:\Program Files (x86)\Common Files\Akamai

O43 - CFD: 19/11/2009 - 23:11:54 ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 17/11/2009 - 15:42:54 ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 17/01/2011 - 17:18:04 ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 20/11/2009 - 14:43:30 ----D- C:\Program Files (x86)\Common Files\Macrovision Shared

O43 - CFD: 01/09/2010 - 06:52:20 ----D- C:\Program Files (x86)\Common Files\McAfee

O43 - CFD: 26/11/2009 - 22:09:30 ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 12/11/2009 - 13:31:50 ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 29/08/2010 - 09:50:24 ----D- C:\Program Files (x86)\Common Files\Risxtd

O43 - CFD: 12/11/2009 - 13:31:40 ----D- C:\Program Files (x86)\Common Files\Roxio Shared

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 12/12/2010 - 09:43:16 ----D- C:\Program Files (x86)\Common Files\Skype

O43 - CFD: 12/11/2009 - 13:31:40 ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 24/02/2010 - 13:39:26 ----D- C:\Program Files (x86)\Common Files\SWF Studio

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 29/08/2010 - 09:50:20 ----D- C:\Program Files (x86)\Common Files\Thomson ResearchSoft

O43 - CFD: 26/04/2010 - 16:15:12 ----D- C:\Program Files (x86

Modifié par Platzounet

Platzounet Junior Member

Platzounet

Posté(e)
  • Auteur
Posté(e) (modifié)

O43 - CFD: 26/04/2010 - 16:15:12 ----D- C:\Program Files (x86)\Common Files\VMware

O43 - CFD: 12/11/2009 - 13:25:48 ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 29/08/2010 - 09:47:30 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.EABC5F6873DCA4B01E77B575D75808B9] - 19/01/2011 - 20:49:40 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19312]

O44 - LFC:[MD5.EABC5F6873DCA4B01E77B575D75808B9] - 19/01/2011 - 20:49:40 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19312]

O44 - LFC:[MD5.02000000000000000000000028EE1800] - 19/01/2011 - 20:48:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1305658]

O44 - LFC:[MD5.8193D4381BE46CDC386B42FB6C04AC00] - 19/01/2011 - 20:48:05 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.DBC309F1D47243E39620A73EC8BA40D4] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1532744]

O44 - LFC:[MD5.570215F21A061050F684A179E4E6019C] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [104580]

O44 - LFC:[MD5.87AB24D66F0EE8DB349F993EDB01816A] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [128688]

O44 - LFC:[MD5.552B1ECB1999A02C35124F465B5AF3EE] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [609676]

O44 - LFC:[MD5.8B5A0CE456CCEC30BB6347465CD543DE] - 18/01/2011 - 07:42:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [697450]

O44 - LFC:[MD5.F35695256E326493AAF877F2EDF19514] - 18/01/2011 - 07:22:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [616]

O44 - LFC:[MD5.19C0D8C6C3B7C6560D9268D206301E7E] - 18/01/2011 - 07:22:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\MEMORY.DMP [620407590]

O44 - LFC:[MD5.F255946F4436F73F96B2F69E37724D98] - 17/01/2011 - 20:30:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [2625]

O44 - LFC:[MD5.96143FA148AC59FEE9FEC2E8C93D356B] - 17/01/2011 - 20:27:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [2354]

O44 - LFC:[MD5.8773226E890844310B24DA1E77234891] - 17/01/2011 - 17:17:54 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.567B74B15E3BB4D92AF336366CFB06C6] - 17/01/2011 - 17:17:54 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.26DC78D41DA2F3A16A00208B49051798] - 17/01/2011 - 17:17:54 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/01/2011 - 16:52:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.8C13E5BB06DCD4A21F10BF9209EBB434] - 17/01/2011 - 16:52:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1546]

O44 - LFC:[MD5.BDE40AF2F5353814C505143728DEC498] - 09/01/2011 - 02:40:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BW6Dir.ini [890]

O44 - LFC:[MD5.F2F2598209DD6E09AFC3721E1F344EA0] - 09/01/2011 - 02:40:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bw600.ini [17728]

 

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{f792dd91-0207-11df-9387-e33ca59ba05c}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- J:\Autorun.exe (.not file.)

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid.dll

O52 - TDSD: \Drivers32\"VIDC.VMnc"="vmnc.dll" . (.VMware, Inc. - VMware Movie decoder.) -- C:\Windows\System32\vmnc.dll

O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid.dll

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.2F0683FD2DF1D92E891CACA14B45A8C1] - 27/06/2008 - 07:51:10 ---A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\Windows\system32\drivers\adfs.sys [88632]

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.4731B44F534E99FDAF6ED7DF31FA052B] - 10/06/1999 - 20:20:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\CDENABLE.SYS [6112]

O58 - SDL:[MD5.E02C9CDB15F13DE4EB2FF67660E62317] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\system32\drivers\cfwids.sys [62800]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.9387A484D31209D7FC3F795A787294DB] - 16/02/2007 - 01:57:06 ---A- . (.SlySoft, Inc. - ElbyCDIO Filter Driver.) -- C:\Windows\system32\drivers\ElbyCDFL.sys [40648]

O58 - SDL:[MD5.7984A82C1C373923330E6781F762D140] - 26/09/2009 - 18:57:38 ---A- . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys [33960]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.B93B24F258441820E575C7983BA47313] - 22/01/2010 - 20:00:44 ---A- . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\system32\drivers\hcmon.sys [38960]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]

O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.07389F6925E490D2DB7882110E99921C] - 26/07/2008 - 15:22:22 ---A- . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\system32\drivers\lv302a64.sys [15768]

O58 - SDL:[MD5.087A343DFC337F37723DD7912DE6B6CD] - 26/07/2008 - 15:22:34 ---A- . (.Logitech Inc. - Logitech QuickCam Driver.) -- C:\Windows\system32\drivers\LV302V64.SYS [2624408]

O58 - SDL:[MD5.7F0BA3A6E8996F15693C6B7D81DA049E] - 26/07/2008 - 15:25:48 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs64.sys [790424]

O58 - SDL:[MD5.5C3FF68267A5D242EE79EE01B993D6CE] - 26/07/2008 - 15:26:34 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBS64.sys [50072]

O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24152]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.C1556CA9695FCD6BBD23D75D402FD43D] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\system32\drivers\mfeapfk.sys [121248]

O58 - SDL:[MD5.8857EE8B49F3338FC1FAD476BFCCA146] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys [190136]

O58 - SDL:[MD5.9B090B2C6D84F4E392B3E5FF168929DA] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\system32\drivers\mfeclnk.sys [9984]

O58 - SDL:[MD5.19C44295F6BF085C83352D48397F7870] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\system32\drivers\mfefirek.sys [441328]

O58 - SDL:[MD5.5F915E20AB56121C41C6BF9A91A83BDA] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys [529128]

O58 - SDL:[MD5.23AE332E32FF615CA5E5224C8D91AF11] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) -- C:\Windows\system32\drivers\mfenlfk.sys [75032]

O58 - SDL:[MD5.9C7A9273E345F8D653394B5C542BF86A] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdet.sys [94864]

O58 - SDL:[MD5.3140B2C56D7119BA314F68FC785683F0] - 13/10/2010 - 22:28:54 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\system32\drivers\mfewfpk.sys [283360]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.CB599955CE2CE9694721562F9481CD84] - 27/06/2009 - 00:55:10 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [83488]

O58 - SDL:[MD5.51BD7EF17F0B525994AD5B3748C8288B] - 26/06/2009 - 23:01:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 186.27.) -- C:\Windows\system32\drivers\nvlddmkm.sys [11515808]

O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056]

O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.ABCB5A38A0D85BDF69B7877E1AD1EED5] - 01/03/2009 - 23:05:32 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [187392]

O58 - SDL:[MD5.F2B52C7B1C8E6A4FC4C4564F4A421F23] - 03/06/2009 - 03:15:14 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1766944]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.3D000000000000000000000028EE1800] - 24/11/2009 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.4FE30EC910BA4D18D1B0E51C7780053C] - 05/08/2010 - 13:02:54 ---A- . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\system32\drivers\VBoxDrv.sys [202960]

O58 - SDL:[MD5.47499FE912F0B4E7664F8498F2906F0E] - 05/08/2010 - 13:02:56 ---A- . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\system32\drivers\VBoxNetAdp.sys [144720]

O58 - SDL:[MD5.032D3D3F93EEF92FDA895E87F28A0A0B] - 05/08/2010 - 13:02:54 ---A- . (.Oracle Corporation - VirtualBox Bridged Networking Driver.) -- C:\Windows\system32\drivers\VBoxNetFlt.sys [164240]

O58 - SDL:[MD5.A8A9D6A510EF796192A0AF95F1C2D2BB] - 07/10/2009 - 09:43:42 ---A- . (.Sun Microsystems, Inc. - VirtualBox USB Driver.) -- C:\Windows\system32\drivers\VBoxUSB.sys [43792]

O58 - SDL:[MD5.7A15BBAA003DE45A8DBA5E72FEC0C704] - 05/08/2010 - 13:02:54 ---A- . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\system32\drivers\VBoxUSBMon.sys [53968]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.9BC38986A8F0E85F27CC18A196808F52] - 22/01/2010 - 21:14:30 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\system32\drivers\vmci.sys [80944]

O58 - SDL:[MD5.AC9DC0F511C56125483A5FB385D0BC80] - 22/01/2010 - 21:14:34 ---A- . (.VMware, Inc. - VMware keyboard filter driver (64-bit).) -- C:\Windows\system32\drivers\VMkbd.sys [29744]

O58 - SDL:[MD5.8AB4374464C6548FA30E498811D2B324] - 22/01/2010 - 16:12:58 R--A- . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\system32\drivers\vmnet.sys [24112]

O58 - SDL:[MD5.9D54F1339E78C95BF3D9939EBCB66378] - 22/01/2010 - 16:12:58 ---A- . (.VMware, Inc. - VMware virtual network adapter driver (64-bit).) -- C:\Windows\system32\drivers\vmnetadapter.sys [20016]

O58 - SDL:[MD5.FB54EF3AA613D2832FD3812E7CB2FC75] - 22/01/2010 - 16:12:58 R--A- . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\system32\drivers\vmnetbridge.sys [45104]

O58 - SDL:[MD5.B4686ED49494A4264E867A7938FAD24B] - 22/01/2010 - 21:14:30 ---A- . (.VMware, Inc. - VMware network application interface driver (64-bit).) -- C:\Windows\system32\drivers\vmnetuserif.sys [30256]

O58 - SDL:[MD5.415B167695C4B5960A13098622EF3D80] - 22/01/2010 - 16:13:00 ---A- . (.VMware, Inc. - VMware USB driver.) -- C:\Windows\system32\drivers\vmusb.sys [37680]

O58 - SDL:[MD5.4B4987B8850DE542F23621B881B10342] - 22/01/2010 - 21:14:36 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\system32\drivers\vmx86.sys [68656]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.E04D43C7D1641E95D35CAE6086C7E350] - 16/02/2007 - 10:12:36 ---A- . (.Wacom Technology - Wacom Mouse Filter Driver.) -- C:\Windows\system32\drivers\wacommousefilter.sys [12848]

O58 - SDL:[MD5.9D45E06348C6703FBA2064AC149AABDA] - 16/02/2007 - 10:30:12 ---A- . (.Wacom Technology - Virtual Hid Device.) -- C:\Windows\system32\drivers\wacomvhid.sys [14640]

O58 - SDL:[MD5.6D7F09CD92A9FEF3A8EFCE66231FDD79] - 14/08/2008 - 07:57:42 ---A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\Windows\SysWOW64\drivers\adfs.sys [74720]

O58 - SDL:[MD5.9387A484D31209D7FC3F795A787294DB] - 16/02/2007 - 01:57:06 ---A- . (.SlySoft, Inc. - ElbyCDIO Filter Driver.) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys [40648]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.74B5B63EF92985F1D3E7BF1ECADD6EF7] - 12/10/2009 - 13:33:00 ---A- . (.StorageCraft Technology Corporation - StorageCraft Volume Snapshot Driver.) -- C:\Windows\SysWOW64\drivers\stcp2v30.sys [64960]

O58 - SDL:[MD5.8F4112AE3CABAB7F703D18D517E1E3A3] - 12/10/2009 - 08:41:42 ---A- . (.Sun Microsystems, Inc. - VirtualBox Mouse Filter.) -- C:\Windows\SysWOW64\drivers\VBoxMouse.sys [32960]

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\Drivers\ADFS.sys - adfs (adfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_ADFS

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\System32\drivers\cfwids.sys - McAfee Inc. cfwids (cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS

O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\System32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - LEGACY_ELBYCDIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL

O64 - Services: CurCS - C:\Windows\system32\drivers\hcmon.sys - VMware hcmon (hcmon) .(.VMware, Inc. - VMware USB monitor.) - LEGACY_HCMON

O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\System32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk (mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK

O64 - Services: CurCS - C:\Windows\System32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk (mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK01

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfeavfk02) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK02

O64 - Services: CurCS - C:\Windows\System32\drivers\mfefirek.sys - McAfee Inc. mfefirek (mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfefirek01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEFIREK01

O64 - Services: CurCS - C:\Windows\System32\drivers\mfehidk.sys - McAfee Inc. mfehidk (mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK

O64 - Services: CurCS - (.not file.) - McAfee Inc. (mfehidk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK01

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mfenlfk.sys - McAfee NDIS Light Filter (mfenlfk) .(.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - LEGACY_MFENLFK

O64 - Services: CurCS - C:\Windows\System32\drivers\mferkdet.sys - McAfee Inc. mferkdet (mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET

O64 - Services: CurCS - (.not file.) - McAfee Inc. mfesmfk (mfesmfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFESMFK

O64 - Services: CurCS - C:\Windows\System32\drivers\mfewfpk.sys - McAfee Inc. mfewfpk (mfewfpk) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFEWFPK

O64 - Services: CurCS - C:\Windows\System32\drivers\modem.sys - modem (modem) .(.Microsoft Corporation - Pilote de périphérique modem.) - LEGACY_MODEM

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - (.not file.) - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\VBoxDrv.sys - VirtualBox Service (VBoxDrv) .(.Oracle Corporation - VirtualBox Support Driver.) - LEGACY_VBOXDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\VBOXUSBMON.sys - VirtualBox USB Monitor Driver (VBoxUSBMon) .(.Pas de propriétaire - Pas de description.) - LEGACY_VBOXUSBMON

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\vmci.sys - VMware vmci (vmci) .(.VMware, Inc. - VMware kernel driver.) - LEGACY_VMCI

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\vmnetbridge.sys - VMware Bridge Protocol (VMnetBridge) .(.VMware, Inc. - VMware bridge driver (64-bit).) - LEGACY_VMNETBRIDGE

O64 - Services: CurCS - C:\Windows\system32\drivers\vmnetuserif.sys - VMware Network Application Interface (VMnetuserif) .(.VMware, Inc. - VMware network application interface driver.) - LEGACY_VMNETUSERIF

O64 - Services: CurCS - C:\Windows\system32\drivers\vmx86.sys - VMware vmx86 (vmx86) .(.VMware, Inc. - VMware kernel driver.) - LEGACY_VMX86

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys - Vstor2 WS60 Virtual Storage Driver (vstor2-ws60) .(.VMware, Inc. - VMware Virtual Storage Volume Driver.) - LEGACY_VSTOR2-WS60

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wimfltr.sys - WimFltr (WimFltr) .(.Microsoft Corporation - Windows Image File Mini-Filter Driver.) - LEGACY_WIMFLTR

O64 - Services: CurCS - C:\Windows\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) .(.Microsoft Corporation - Couche IFS Winsock2.) - LEGACY_WS2IFSL

O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=1000 (Application Error) - (.Adobe Systems Incorporated - Adobe Acrobat 9.0.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

O66 - EventLog: ID=1000 (Application Error) - (.Oracle Corporation - VirtualBox GUI.) -- C:\PROGRA~1\Oracle\VIRTUA~1\VirtualBox.exe

O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - BW600 Module.) -- C:\Program Files (x86)\BibleWorks 6\bw600.exe

O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - {searchTerms} - Bing

O69 - SBI: SearchScopes [HKCU] {2A1B4545-9D47-4C36-91BB-3E8C87359D0D} - (Google) - {searchTerms} - Google Search

O69 - SBI: SearchScopes [HKCU] {AD762E80-9096-461C-B939-3647496CF746} - (Yahoo! Search) - {searchTerms} - Yahoo! France Résultats de recherche

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {8A96AF9E-4074-43b7-BEA3-87217BDA7402} [DefaultScope] - (Web Search) - http://www.searchqu.com/web?src=ieb&systemid=402&q={searchTerms}

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {8A96AF9E-4074-43b7-BEA3-87217BDA7402} [DefaultScope] - (Web Search) - http://www.searchqu.com/web?src=ieb&systemid=402&q={searchTerms}

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [0]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [0]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [0]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [0]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [0]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [0]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [0]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [0]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [0]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [241664]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [0]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [0]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [0]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [0]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [0]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [0]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [0]

 

 

---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)

[MD5.B561AE170381399A4D825E4731458679] [sPRF] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Olivier Martin\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe [884512]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 31/03/2009 92160 | C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

SR - | Auto 13/06/2004 57344 | C:\Windows\SysWOW64\brsvc01a.exe (Brother XP spl Service) . (.brother Industries Ltd.) - C:\Windows\SysWOW64\brsvc01a.exe

SS - | Demand 20/11/2009 655624 | "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Demand 20/11/2009 1038088 | "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (FLEXnet Licensing Service 64) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

SS - | Disabled 05/07/2010 136176 | "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SS - | Demand 07/10/2010 509416 | "C:\Program Files\McAfee\VirusScan\mcods.exe (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe

SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 24/08/2010 200056 | "C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

SR - | Auto 13/10/2010 245352 | "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

SR - | Auto 13/10/2010 149032 | "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

SR - | Auto 10/03/2010 355440 | "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 10/03/2010 0 | C:\Windows\system32\nvvsvc.exe (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 14/01/2009 226656 | "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SeaPort) . (.Microsoft Corp..) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

SR - | Auto 14/01/2009 0 | C:\Windows\system32\Tablet.exe (TabletService) . (.Wacom Technology, Corp..) - C:\Windows\system32\Tablet.exe

SS - | Demand 12/10/2009 191024 | "C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (ufad-ws60) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe

SR - | Auto 22/01/2010 113200 | "C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

SR - | Auto 22/01/2010 334384 | C:\Windows\system32\vmnetdhcp.exe (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe

SR - | Auto 22/01/2010 563760 | "C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe

SR - | Auto 22/01/2010 395824 | C:\Windows\system32\vmnat.exe (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe

SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by Olivier Martin at 19/01/2011 22:33:11

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Olivier Martin at 19/01/2011 22:33:12

Use the desktop link 'MBRCheck' to have full report

 

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O58 - SDL:[MD5.3D000000000000000000000028EE1800] - 24/11/2009 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544]

 

 

 

End of the scan (1161 lines in 02mn 06s)(0)

 

 

******************************************

 

 

Ah oui, j'oubliais, j'ai aussi passé Ad-Remover.

 

Correctif... J'avais pas vu qu'il fallait pas répondre à son propre message au risque d'être oublié... je n'arrive pas à supprimer mon post maintenant. Espérons que je ne disparaîtrais pas dans les ténèbres de l'oubli. Merci à vous (jeudi 9h30)

 

Je rajoute encore, McAfee vient de me détecter Generix.dx!voi avec suppression d'un .exe dans le dossier /temp. (jeudi 11h35)

 

******************************************

 

Vendredi 18h (vous allez avoir tout mon journal intime à force...)

 

J'ai refait tous les tests en mode sans echec...

 

Antivirus,

MAM

Spybot search & destroy

AR-R

Ils ne trouvent rien

Pourtant le pb demeure.

Je me suis permis de virer de la base des registres toutes les clés qui contenaient searchqu et searchquFF

 

Apparemment il y a un truc qui se lance au démarrage, mais j'arrive pas à trouver ce que c'est...

 

Nouveau symptôme remarqué aujourd'hui, je clique sur un lien dans Google (Firefox) et je suis renvoyé sur une page Ebay... ou autre...

 

*************************************

 

Juste une réponse rapide sur la question de la restauration de l'image système me serait utile

Modifié par Platzounet
jeanmimigab Extrem Member

jeanmimigab

Posté(e)
Posté(e)

hello,

 

Je vois que tu as utilisé AD-Remover >> poste le rapport "C:\Ad-Report-CLEAN[1].txt"

 

ensuite fais cela stp...

 

* Télécharge >> OTL <<sur ton bureau.

 

* Fait un double-clic sur l'icône d'OTL pour le lancer

 

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

 

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

 

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

 

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

%SYSTEMDRIVE%\*.exe

/md5start

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\Tasks\*.job

 

* Cliques sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).

* Copie et colle les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL

 

@++

Platzounet Junior Member

Platzounet

Posté(e)
  • Auteur
Posté(e)

Merci pour la réponse.

 

Voilà déjà le rapport de Ad-Remover

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 16/01/11 à 02:00

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix

 

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 13:41:04 le 21/01/2011, Mode sans echec

 

Microsoft Windows 7 Édition Familiale Premium (X64)

Olivier Martin@OLIVE-FIXE (Dell Inc. Inspiron 545)

 

============== RECHERCHE ==============

 

 

 

 

 

============== SCAN ADDITIONNEL ==============

 

** Mozilla Firefox Version [3.6.13 (fr)] **

 

-- C:\Users\Olivier Martin\AppData\Roaming\Mozilla\FireFox\Profiles\monl468j.default\Prefs.js --

browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

** Internet Explorer Version [8.0.7600.16385] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\SysWOW64\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 17/01/2011 (2625 Octet(s))

C:\Ad-Report-SCAN[1].txt - 17/01/2011 (2354 Octet(s))

C:\Ad-Report-SCAN[2].txt - 21/01/2011 (0 Octet(s))

 

Fin à: 13:41:38, 21/01/2011

 

============== E.O.F ==============

Platzounet Junior Member

Platzounet

Posté(e)
  • Auteur
Posté(e)

Voilà le Log de OTL.txt

 

OTL logfile created on: 21/01/2011 18:54:45 - Run 1

OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\Olivier Martin\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 689,44 Gb Total Space | 402,65 Gb Free Space | 58,40% Space Free | Partition Type: NTFS

Drive D: | 698,63 Gb Total Space | 148,36 Gb Free Space | 21,24% Space Free | Partition Type: NTFS

Drive K: | 298,02 Gb Total Space | 103,49 Gb Free Space | 34,73% Space Free | Partition Type: FAT32

Drive L: | 1,88 Gb Total Space | 1,74 Gb Free Space | 92,36% Space Free | Partition Type: FAT

 

Computer Name: OLIVE-FIXE | User Name: Olivier Martin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Olivier Martin\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe ()

PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)

PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)

PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)

PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

PRC - C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote .exe (Druide informatique inc.)

PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray .exe (Adobe Systems Inc.)

PRC - C:\Windows\SysWOW64\BRSS01A.EXE (brother Industries Ltd)

PRC - C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Olivier Martin\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\SysWOW64\imagehlp.dll (Microsoft Corporation)

MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)

SRV:64bit: - (mfevtp) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)

SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()

SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)

SRV:64bit: - (TabletService) -- C:\Windows\SysNative\Tablet.exe (Wacom Technology, Corp.)

SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_dbc0250.dll ()

SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)

SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)

SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)

SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)

DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)

DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)

DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)

DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)

DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)

DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)

DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)

DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)

DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)

DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)

DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)

DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.)

DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)

DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()

DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )

DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)

DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)

DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)

DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.)

DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)

DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)

DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)

DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)

DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)

DRV - (VBoxMouse) -- C:\Windows\SysWOW64\drivers\VBoxMouse.sys (Sun Microsystems, Inc.)

DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)

DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.10.04

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2010/10/22 13:30:15 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/10 10:55:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/17 17:17:54 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/12/18 10:40:03 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010/02/24 13:39:22 | 000,000,000 | ---D | M]

 

[2010/08/19 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions

[2010/08/19 15:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011/01/21 16:22:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Firefox\Profiles\monl468j.default\extensions

[2010/02/04 23:06:40 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Olivier Martin\AppData\Roaming\mozilla\Firefox\Profiles\monl468j.default\extensions\zotero@chnm.gmu.edu

[2011/01/17 17:17:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2011/01/15 00:15:24 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2011/01/17 17:17:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010/10/22 13:30:15 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX

[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll

[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

[2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdjvu.dll

[2010/08/01 10:54:38 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/08/01 10:54:38 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/08/01 10:54:38 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/08/01 10:54:38 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/08/01 10:54:38 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2009/11/21 15:43:08 | 000,001,269 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL ()

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101105131049.dll (McAfee, Inc.)

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll ()

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101105131049.dll (McAfee, Inc.)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe ()

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe ()

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe ()

O4 - HKLM..\Run: [agentantidote.exe] C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe ()

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000..\Run: [AdobeBridge] File not found

O4 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html ()

O8:64bit: - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html ()

O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_3_1_18-windows-i586.cab (Java Plug-in 1.3.1_18)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{f792dd91-0207-11df-9387-e33ca59ba05c}\Shell - "" = AutoRun

O33 - MountPoints2\{f792dd91-0207-11df-9387-e33ca59ba05c}\Shell\AutoRun\command - "" = J:\Autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

 

MsConfig:64bit - StartUpReg: CloneCDTray - hkey= - key= - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)

MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

MsConfig:64bit - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

MsConfig:64bit - StartUpReg: orifvabo - hkey= - key= - File not found

MsConfig:64bit - StartUpReg: PDVDDXSrv - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)

MsConfig:64bit - StartUpReg: rsmoanxwce.exe - hkey= - key= - File not found

MsConfig:64bit - StartUpReg: vmware-tray - hkey= - key= - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe ()

MsConfig:64bit - State: "startup" - Reg Error: Key error.

MsConfig:64bit - State: "services" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SafeBootMin:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)

SafeBootNet:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)

SafeBootNet:64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

SafeBootNet:64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)

SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)

SafeBootNet:64bit: mfevtp - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F075FCA7-11EB-D980-9340-46FA6AA5A097} - Microsoft Windows Media Player

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {1531D2C9-11EE-753B-EA45-36160E93951D} - Browser Customizations

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {8E1D9CF6-37EC-E1C0-2D8A-D31F35163B1F} - Microsoft Windows Media Player

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)

Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)

Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)

 

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/01/21 18:52:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Olivier Martin\Desktop\OTL.exe

[2011/01/21 16:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2011/01/17 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\Documents\SafeNet Sentinel

[2011/01/17 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\Documents\AnyDVDHD

[2011/01/17 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\Documents\Adobe

[2011/01/17 20:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover

[2011/01/17 20:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/01/17 20:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag

[2011/01/17 19:08:36 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW

[2011/01/17 17:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/01/17 17:18:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2011/01/17 17:17:54 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2011/01/17 17:17:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2011/01/17 17:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2011/01/17 17:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2011/01/17 15:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011/01/17 15:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/01/17 15:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2011/01/13 20:11:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2011/01/13 20:11:46 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011/01/03 09:30:28 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GanttProject

[2011/01/03 09:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject

[2011/01/03 09:30:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GanttProject

[2011/01/03 09:25:31 | 000,000,000 | ---D | C] -- C:\Users\Olivier Martin\AppData\Roaming\.emacs.d

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/21 18:52:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olivier Martin\Desktop\OTL.exe

[2011/01/21 18:16:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/21 18:16:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/21 17:41:31 | 001,559,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/01/21 17:41:31 | 000,711,544 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/01/21 17:41:31 | 000,613,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/01/21 17:41:31 | 000,133,186 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/01/21 17:41:31 | 000,108,472 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/01/21 16:40:28 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/21 16:40:28 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/21 16:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/21 16:32:58 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/21 15:55:28 | 492,092,070 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011/01/21 13:47:49 | 000,001,484 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110121_134743.reg

[2011/01/21 12:08:49 | 000,003,328 | ---- | M] () -- C:\Users\Olivier Martin\.ganttproject

[2011/01/21 12:05:53 | 000,007,545 | ---- | M] () -- C:\Users\Olivier Martin\Documents\Projet Travail.gan

[2011/01/21 09:53:40 | 000,001,115 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Vidéos - Raccourci.lnk

[2011/01/20 16:46:44 | 000,013,031 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Sir 25.docx

[2011/01/20 15:39:44 | 000,007,623 | ---- | M] () -- C:\Users\Olivier Martin\AppData\Local\resmon.resmoncfg

[2011/01/17 20:26:18 | 000,001,897 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\AD-R.lnk

[2011/01/17 20:20:17 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/01/17 20:20:15 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/01/17 20:20:15 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/01/17 15:56:47 | 000,001,264 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk

[2011/01/17 15:44:10 | 000,000,036 | ---- | M] () -- C:\Users\Olivier Martin\AppData\Local\housecall.guid.cache

[2011/01/17 15:39:08 | 000,001,246 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110117_153903.reg

[2011/01/16 09:33:45 | 000,008,430 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110116_093337.reg

[2011/01/15 14:46:57 | 000,000,112 | ---- | M] () -- C:\ProgramData\y32s3LDu.dat

[2011/01/13 20:11:46 | 000,003,031 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\HiJackThis.lnk

[2011/01/13 16:41:57 | 000,000,162 | -H-- | M] () -- C:\Users\Olivier Martin\Desktop\~$vre à acheter.doc

[2011/01/13 14:47:27 | 000,022,442 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\cc_20110113_144720.reg

[2011/01/09 02:40:34 | 000,017,728 | ---- | M] () -- C:\Windows\bw600.ini

[2011/01/09 02:40:34 | 000,000,890 | ---- | M] () -- C:\Windows\BW6Dir.ini

[2011/01/03 15:31:35 | 000,033,280 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Livre à acheter.doc

[2011/01/03 09:30:29 | 000,001,965 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\GanttProject.lnk

[2010/12/30 14:34:29 | 000,000,162 | -H-- | M] () -- C:\Users\Olivier Martin\Desktop\~$Sir 25.docx

[2010/12/27 22:46:17 | 000,226,666 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\courir.pdf

[2010/12/27 15:29:24 | 4002,405,218 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\Corse2010.avi

[2010/12/27 12:02:11 | 000,003,326 | ---- | M] () -- C:\Users\Olivier Martin\Desktop\corse2010.xmp

 

========== Files Created - No Company Name ==========

 

[2011/01/21 15:55:28 | 492,092,070 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2011/01/21 13:47:46 | 000,001,484 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110121_134743.reg

[2011/01/21 09:53:40 | 000,001,115 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Vidéos - Raccourci.lnk

[2011/01/17 20:26:18 | 000,001,897 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\AD-R.lnk

[2011/01/17 20:20:17 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/01/17 20:20:15 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/01/17 20:20:15 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/01/17 15:56:47 | 000,001,264 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Spybot - Search & Destroy.lnk

[2011/01/17 15:44:10 | 000,000,036 | ---- | C] () -- C:\Users\Olivier Martin\AppData\Local\housecall.guid.cache

[2011/01/17 15:39:05 | 000,001,246 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110117_153903.reg

[2011/01/16 09:33:40 | 000,008,430 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110116_093337.reg

[2011/01/15 14:36:49 | 000,000,112 | ---- | C] () -- C:\ProgramData\y32s3LDu.dat

[2011/01/13 20:11:46 | 000,003,031 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\HiJackThis.lnk

[2011/01/13 16:41:57 | 000,000,162 | -H-- | C] () -- C:\Users\Olivier Martin\Desktop\~$vre à acheter.doc

[2011/01/13 14:47:23 | 000,022,442 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\cc_20110113_144720.reg

[2011/01/03 23:15:36 | 000,003,328 | ---- | C] () -- C:\Users\Olivier Martin\.ganttproject

[2011/01/03 23:15:02 | 000,007,545 | ---- | C] () -- C:\Users\Olivier Martin\Documents\Projet Travail.gan

[2011/01/03 09:31:15 | 000,030,925 | ---- | C] () -- C:\Users\Olivier Martin\.ganttproject.log

[2011/01/03 09:30:28 | 000,001,965 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\GanttProject.lnk

[2010/12/30 14:34:29 | 000,000,162 | -H-- | C] () -- C:\Users\Olivier Martin\Desktop\~$Sir 25.docx

[2010/12/30 14:34:28 | 000,013,031 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Sir 25.docx

[2010/12/27 22:43:56 | 000,226,666 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\courir.pdf

[2010/12/27 16:11:56 | 4002,405,218 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\Corse2010.avi

[2010/12/27 12:02:11 | 000,003,326 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\corse2010.xmp

[2010/12/27 10:39:34 | 1884,379,327 | ---- | C] () -- C:\Users\Olivier Martin\Desktop\corse2010.mpg

[2010/11/27 01:48:52 | 000,017,674 | ---- | C] () -- C:\Windows\bw600_clone.ini

[2010/04/26 16:15:44 | 001,551,984 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/02/24 13:39:19 | 000,036,972 | ---- | C] () -- C:\Windows\SysWow64\ActPanel.dll

[2010/02/14 17:32:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/02/12 17:54:03 | 000,007,623 | ---- | C] () -- C:\Users\Olivier Martin\AppData\Local\resmon.resmoncfg

[2010/02/06 14:06:22 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini

[2010/01/07 14:48:28 | 000,000,031 | -HS- | C] () -- C:\ProgramData\.zreglib

[2010/01/06 15:21:34 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\VBoxD3D9.dll

[2010/01/06 15:21:34 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\VBoxD3D8.dll

[2010/01/06 15:21:06 | 001,372,160 | ---- | C] () -- C:\Windows\SysWow64\libWine.dll

[2010/01/06 15:21:06 | 000,827,392 | ---- | C] () -- C:\Windows\SysWow64\wined3d.dll

[2009/11/30 16:32:24 | 000,060,416 | ---- | C] () -- C:\Windows\SysWow64\rbap350.dll

[2009/11/22 20:15:56 | 000,000,092 | ---- | C] () -- C:\Windows\Antidote7.ini

[2009/11/21 21:25:02 | 000,000,263 | ---- | C] () -- C:\Windows\w32demo8.ini

[2009/11/20 16:33:51 | 000,000,165 | ---- | C] () -- C:\Windows\BasiliskII.ini

[2009/11/20 13:18:58 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini

[2009/11/20 13:18:56 | 000,000,462 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2009/11/20 13:18:56 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI

[2009/11/17 16:03:00 | 000,000,890 | ---- | C] () -- C:\Windows\BW6Dir.ini

[2009/11/17 16:01:16 | 000,017,728 | ---- | C] () -- C:\Windows\bw600.ini

[2009/11/17 15:47:22 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\bwbits60.dll

[2009/11/17 15:47:22 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\patchw32.dll

[2009/11/17 15:47:22 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\patchw.dll

[2009/11/17 15:47:22 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll

[2009/11/17 15:47:22 | 000,020,992 | ---- | C] () -- C:\Windows\SysWow64\bwntsend.dll

[2009/11/17 15:47:22 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\bwnthook.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

 

========== LOP Check ==========

 

[2011/01/03 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\.emacs.d

[2010/01/08 11:29:12 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Academic Software Zurich

[2010/01/15 22:02:25 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\DAEMON Tools Lite

[2009/11/22 20:15:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Druide

[2010/09/02 22:06:30 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\EndNote

[2010/11/14 12:11:21 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\FileZilla

[2009/11/24 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\InfraRecorder

[2010/12/01 19:02:42 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\inkscape

[2010/10/22 14:29:37 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Swiss Academic Software

[2010/11/29 15:14:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\The Word

[2010/08/19 15:21:22 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Thunderbird

[2011/01/20 20:55:44 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010/01/05 14:38:42 | 000,000,490 | ---- | M] () -- C:\Windows\Tasks\SyncBack Sauvegarde mail.job

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %APPDATA%\*. >

[2011/01/03 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\.emacs.d

[2010/01/08 11:29:12 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Academic Software Zurich

[2010/01/10 14:58:52 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Adobe

[2009/11/27 12:31:12 | 000,000,000 | R--D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Brother

[2009/11/17 15:31:05 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\CyberLink

[2010/01/15 22:02:25 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\DAEMON Tools Lite

[2009/11/17 15:28:28 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Dell

[2009/11/20 21:21:58 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Download Manager

[2009/11/22 20:15:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Druide

[2010/09/02 22:06:30 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\EndNote

[2010/11/14 12:11:21 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\FileZilla

[2009/11/17 15:27:43 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Identities

[2009/11/24 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\InfraRecorder

[2010/12/01 19:02:42 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\inkscape

[2009/11/18 23:09:40 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Macromedia

[2010/08/21 10:42:01 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Malwarebytes

[2009/07/14 16:35:05 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Media Center Programs

[2011/01/13 20:11:46 | 000,000,000 | --SD | M] -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft

[2009/11/19 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Mozilla

[2009/11/17 15:28:15 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Roxio

[2011/01/21 18:53:34 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Skype

[2011/01/21 16:06:23 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\skypePM

[2010/10/22 14:29:37 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Swiss Academic Software

[2009/11/19 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Talkback

[2010/11/29 15:14:13 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\The Word

[2010/08/19 15:21:22 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Thunderbird

[2010/12/22 10:33:11 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\vlc

[2010/12/10 15:18:31 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\VMware

[2010/08/21 08:59:14 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\WinRAR

[2011/01/21 16:33:28 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\WTablet

[2010/02/18 14:54:32 | 000,000,000 | ---D | M] -- C:\Users\Olivier Martin\AppData\Roaming\Yahoo!

 

< %APPDATA%\*.exe /s >

[2011/01/13 20:11:46 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Olivier Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

 

< %SYSTEMDRIVE%\*.exe >

 

< %SYSTEMDRIVE%\*.exe >

 

 

< MD5 for: AGP440.SYS >

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

 

< MD5 for: CDROM.SYS >

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 

< MD5 for: DISK.SYS >

[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys

[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys

[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

 

< MD5 for: EXPLORER.EXE >

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\SysWOW64\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\explorer.exe

[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

 

< MD5 for: IASTORV.SYS >

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 

< MD5 for: NDIS.SYS >

[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys

[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

 

< MD5 for: RASACD.SYS >

[2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys

[2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

 

< MD5 for: RDPWD.SYS >

[2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\SysNative\drivers\rdpwd.sys

[2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys

 

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

 

< MD5 for: SFLOPPY.SYS >

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys

 

< MD5 for: TCPIP.SYS >

[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys

[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

 

< MD5 for: TDPIPE.SYS >

[2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys

[2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys

 

< MD5 for: TDTCP.SYS >

[2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys

[2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys

 

< MD5 for: USBPRINT.SYS >

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

 

< MD5 for: WININIT.EXE >

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe

[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll

[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

[2009/07/14 02:15:28 | 000,186,368 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\Tasks\*.job >

[2011/01/21 18:16:00 | 000,001,086 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2011/01/21 19:16:00 | 000,001,090 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[2010/01/05 14:38:42 | 000,000,490 | ---- | M] () -- C:\Windows\Tasks\SyncBack Sauvegarde mail.job

 

< End of report >

Platzounet Junior Member

Platzounet

Posté(e)
  • Auteur
Posté(e)

Et voilà le log de Extras.txt

 

Merci pour ton aide

 

OTL Extras logfile created on: 21/01/2011 18:54:45 - Run 1

OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\Olivier Martin\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 689,44 Gb Total Space | 402,65 Gb Free Space | 58,40% Space Free | Partition Type: NTFS

Drive D: | 698,63 Gb Total Space | 148,36 Gb Free Space | 21,24% Space Free | Partition Type: NTFS

Drive K: | 298,02 Gb Total Space | 103,49 Gb Free Space | 34,73% Space Free | Partition Type: FAT32

Drive L: | 1,88 Gb Total Space | 1,74 Gb Free Space | 92,36% Space Free | Partition Type: FAT

 

Computer Name: OLIVE-FIXE | User Name: Olivier Martin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1672107402-3960017692-2506112607-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{23D0BEFD-26D3-4700-A012-1277B591C1E1}" = Hébreu avec clavier français — Michael Langlois — 1.3

"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java 6 Update 14 (64-bit)

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{41EB316A-D0D6-4F0B-8E20-1F975FE87238}" = Adobe InDesign CS4 Icon Handler x64

"{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}" = Adobe PDF iFilter 9 for 64-bit platforms

"{622CE786-0974-404C-AE68-E41CA3FBF555}" = Syriaque avec clavier français — Michael Langlois — 1.4

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1" = Adobe Reader 64-bit fixes

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{CC95E3FF-822B-47CD-9B4D-C89536615461}" = Oracle VM VirtualBox 3.2.8

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{DA8041CD-904C-4FB6-8EAB-C390663F0046}" = Grec avec clavier français — Michael Langlois — 1.2

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"Defraggler" = Defraggler

"NVIDIA Drivers" = NVIDIA Drivers

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd

"{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control

"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 23

"{304C91E3-C95D-4785-8EA8-5AAAA88FA3B4}" = WinSoftME

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3D45A3B6-BC6D-4F7A-B311-2C4773530D68}" = Suite Shared Configuration CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3E0D6B4E-99E6-445F-B83D-E13638CA2008}" = Adobe InDesign CS4 Icon Handler

"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{566BB41D-F006-4956-A5D3-94D8DFFA7F51}" = Adobe Setup

"{56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}" = Antidote HD

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{68249B78-B714-11D7-88E8-0050DA21757E}" = Environnement d'exécution Java 2, Standard Edition v1.3.1_18

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{78C2BDCD-79EB-4151-A113-C06E9A9678D6}" = Adobe Update Manager CS4

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{87F7773C-EC9C-461A-AA7B-4AF8EF54DF49}" = EndNote X1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris

"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2009.10.22

"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch

"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch

"{AC76BA86-7AD7-1036-7B44-A91000000001}" = Adobe Reader 9.1.2 - Français

"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k

"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live

"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B7F12CF1-B81C-47C9-835C-5486ED89B8CE}" = Adobe InDesign CS4 Common Base Files

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content

"{C9FDFA53-88D0-42C6-94E8-244016267C50}" = Adobe InDesign CS4

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars

"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux

"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{DE3BB35E-C0CE-4CA1-9CB4-CD9E69364BD9}" = Adobe Premiere Pro CS4

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype 5.1

"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby

"{EEA247F1-C478-405A-B59A-C29585D8DF27}" = Adobe InDesign CS4 Application Feature Set Files (Middle-Eastern)

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F49C5BB6-77AF-40EA-AD40-C54FDB05803D}" = Adobe Setup

"{F5CD130F-5789-4D38-8762-FFBEBA896805}" = BibleWorks 6

"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar

"{F8C669F9-91F8-48C4-8E52-742FA6B855D4}" = Dead Sea Scrolls Electronic Library

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows

"7-Zip" = 7-Zip 4.65

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_26b63376f4efc354dae41af6b5e3343" = Adobe Premiere Pro CS4

"Adobe_95e0cc74dbf32662d4445ac1ef67d56" = Adobe InDesign CS4

"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"Ad-Remover" = Ad-Remover By C_XX

"Akamai" = Akamai NetSession Interface

"CCleaner" = CCleaner

"CloneCD" = CloneCD

"DVD Shrink_is1" = DVD Shrink 3.2

"FileZilla Client" = FileZilla Client 3.3.0.1

"GanttProject" = GanttProject

"InfraRecorder" = InfraRecorder

"Inkscape" = Inkscape 0.48.0

"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper

"JDownloader" = JDownloader

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)

"MSC" = McAfee SecurityCenter

"PC Library" = PC Library

"PROPLUS" = Microsoft Office Professional Plus 2007

"SyncBack_is1" = SyncBack

"Tablet Driver" = Tablette

"The Word" = theWord

"VLC media player" = VLC media player 1.1.4

"VMware_Workstation" = VMware Workstation

"WinLiveSuite_Wave3" = Installation Windows Live

"Yahoo! Messenger" = Yahoo! Messenger

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1672107402-3960017692-2506112607-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}" = HHD Software Hex Editor Neo 4.95

"Inscriptifact 8.0.0" = Inscriptifact 8.0.0

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 12/01/2011 12:26:30 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842787

Description = La création du contexte d’activation a échoué pour « c:\program files

(x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste

ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL »

à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas

à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

La

définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Utilisez

sxstrace.exe pour un diagnostic détaillé.

 

Error - 12/01/2011 12:27:19 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842811

Description = La création du contexte d’activation a échoué pour « c:\program files

(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur

dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search

enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non

valide.

 

Error - 13/01/2011 09:46:49 | Computer Name = OLIVE-FIXE | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante svchost.exe, version : 6.1.7600.16385,

horodatage : 0x4a5bc3c1 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage

: 0x00000000 Code d’exception : 0xc000001d Décalage d’erreur : 0x0000000001cb516c

ID

du processus défaillant : 0x354 Heure de début de l’application défaillante : 0x01cbb327d489dcf9

Chemin

d’accès de l’application défaillante : C:\Windows\system32\svchost.exe Chemin d’accès

du module défaillant: unknown ID de rapport : 9162d50a-1f1b-11e0-ae18-005056c00008

 

Error - 13/01/2011 09:46:49 | Computer Name = OLIVE-FIXE | Source = Application Error | ID = 1005

Description = Windows ne peut pas accéder au fichier pour une des raisons suivantes :

un

problème s’est produit avec la connexion réseau, le disque sur lequel le fichier

est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque

est manquant. Windows a fermé le programme Processus hôte pour les services Windows

en raison de cette erreur. Programme : Processus hôte pour les services Windows Fichier :

La valeur de l’erreur est affichée dans la section Données supplémentaires. Action

utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème

temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2.

Si

le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur

réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur

peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette

ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.

3.

Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK,

cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes,

entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le

fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du

même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être

endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur

de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires

Valeur

de l’erreur : 00000000 Type du disque : 0

 

Error - 13/01/2011 10:09:37 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842815

Description = La création du contexte d’activation a échoué pour « c:\Program Files

(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier

de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »

de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

 

Error - 13/01/2011 10:11:05 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842787

Description = La création du contexte d’activation a échoué pour « c:\program files

(x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste

ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL »

à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas

à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

La

définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Utilisez

sxstrace.exe pour un diagnostic détaillé.

 

Error - 13/01/2011 10:11:54 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842811

Description = La création du contexte d’activation a échoué pour « c:\program files

(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur

dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search

enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non

valide.

 

Error - 14/01/2011 06:31:59 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842815

Description = La création du contexte d’activation a échoué pour « c:\Program Files

(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll ». Erreur dans le fichier

de manifeste ou de stratégie « c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll » à la ligne 3. La valeur « MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR »

de l’attribut « version » de l’élément « assemblyIdentity » n’est pas valide.

 

Error - 14/01/2011 06:33:09 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842787

Description = La création du contexte d’activation a échoué pour « c:\program files

(x86)\windows live\photo gallery\MovieMaker.Exe ». Erreur dans le fichier de manifeste

ou de stratégie « c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL »

à la ligne 8. L’identité de composant trouvé dans le manifeste ne correspond pas

à celle du composant demandé. La référence est WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

La

définition est WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Utilisez

sxstrace.exe pour un diagnostic détaillé.

 

Error - 14/01/2011 06:33:44 | Computer Name = OLIVE-FIXE | Source = SideBySide | ID = 16842811

Description = La création du contexte d’activation a échoué pour « c:\program files

(x86)\microsoft\search enhancement pack\search helper\searchhelper.dll ». Erreur

dans le fichier de manifeste ou de stratégie « c:\program files (x86)\microsoft\search

enhancement pack\search helper\searchhelper.dll » à la ligne 2. Syntaxe XML non

valide.

 

[ Media Center Events ]

Error - 31/01/2010 03:34:08 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 08:34:06 - Échec de la récupération de MCESpotlight (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 05/03/2010 02:38:23 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 07:38:23 - Erreur de connexion à Internet. 07:38:23 - Impossible

de contacter le service..

 

Error - 05/03/2010 02:39:37 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 07:39:16 - Échec de la récupération de MCEClientUX (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 05/03/2010 02:40:04 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 07:40:00 - Échec de la récupération de Broadband (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 06/03/2010 02:21:43 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 07:21:43 - Échec de la récupération de Directory (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 06/03/2010 02:22:47 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 07:22:26 - Échec de la récupération de MCESpotlight (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 06/03/2010 02:23:10 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 07:23:08 - Échec de la récupération de MCEClientUX (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 26/05/2010 12:34:44 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 18:34:44 - Échec de la récupération de Directory (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 26/05/2010 12:35:47 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 18:35:26 - Échec de la récupération de MCESpotlight (Erreur : Impossible

de se connecter au serveur distant)

 

Error - 26/05/2010 12:36:10 | Computer Name = OLIVE-FIXE | Source = MCUpdate | ID = 0

Description = 18:36:08 - Échec de la récupération de MCEClientUX (Erreur : Impossible

de se connecter au serveur distant)

 

[ OSession Events ]

Error - 23/01/2010 11:28:23 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 23/01/2010 11:29:34 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 23/01/2010 11:39:21 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 237

seconds with 120 seconds of active time. This session ended with a crash.

 

Error - 23/01/2010 11:40:09 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 28/01/2010 04:38:17 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 38423

seconds with 120 seconds of active time. This session ended with a crash.

 

Error - 27/05/2010 16:50:28 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 45105

seconds with 11280 seconds of active time. This session ended with a crash.

 

Error - 15/06/2010 05:16:41 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 723

seconds with 60 seconds of active time. This session ended with a crash.

 

Error - 10/01/2011 17:55:57 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 704

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 16/01/2011 19:02:36 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 47381

seconds with 600 seconds of active time. This session ended with a crash.

 

Error - 17/01/2011 13:54:42 | Computer Name = OLIVE-FIXE | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5640

seconds with 1680 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 27/08/2010 01:34:35 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060

Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été

bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre

logiciel pour obtenir une version compatible du pilote.

 

Error - 27/08/2010 01:40:46 | Computer Name = OLIVE-FIXE | Source = Service Control Manager | ID = 7000

Description = Le service McAfee Inc. mferkdk n’a pas pu démarrer en raison de l’erreur :

%%127

 

Error - 28/08/2010 04:51:08 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060

Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été

bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre

logiciel pour obtenir une version compatible du pilote.

 

Error - 28/08/2010 04:59:22 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060

Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été

bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre

logiciel pour obtenir une version compatible du pilote.

 

Error - 29/08/2010 04:03:23 | Computer Name = OLIVE-FIXE | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 29/08/2010 06:34:06 | Computer Name = OLIVE-FIXE | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 29/08/2010 08:31:15 | Computer Name = OLIVE-FIXE | Source = VDS Basic Provider | ID = 33554433

Description =

 

Error - 30/08/2010 18:21:34 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060

Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été

bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre

logiciel pour obtenir une version compatible du pilote.

 

Error - 30/08/2010 18:21:37 | Computer Name = OLIVE-FIXE | Source = Application Popup | ID = 1060

Description = Le chargement de \SystemRoot\SysWow64\DRIVERS\VBoxMouse.sys a été

bloqué en raison d’une incompatibilité avec ce système. Contactez l’éditeur de votre

logiciel pour obtenir une version compatible du pilote.

 

Error - 31/08/2010 02:07:28 | Computer Name = OLIVE-FIXE | Source = Service Control Manager | ID = 7011

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la réponse transactionnelle du service lmhosts.

 

 

< End of report >

jeanmimigab Extrem Member

jeanmimigab

Posté(e)
Posté(e)

hello,

 

fais cela stp..

 

* Fais un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

 

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

 

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

 

 

:files

C:\Program Files (x86)\Druide

C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

C:\32788R22FWJFW

C:\ProgramData\.zreglib

C:\Users\Oliv-S~1\AppData\Local\Temp\setup783426956.exe

C:\Users\Oliv-S~1\AppData\Local\Temp\setup3803102088.exe

 

 

:OTL

PRC - C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote .exe (Druide informatique inc.)

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKU\S-1-5-21-1672107402-3960017692-2506112607-1000..\Run: [AdobeBridge] File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

MsConfig:64bit - StartUpReg: orifvabo - hkey= - key= - File not found

MsConfig:64bit - StartUpReg: rsmoanxwce.exe - hkey= - key= - File not found

MsConfig:64bit - State: "startup" - Reg Error: Key error.

MsConfig:64bit - State: "services" - Reg Error: Key error.

 

:Commands

[emptytemp]

[EMPTYFLASH]

[PURITY]

[RESETHOSTS]

 

 

* Cliques sur l'icône "Correction" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un rapport va s'ouvrir "OTL.Txt"

* Copie et colle le rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL

 

@++

Platzounet Junior Member

Platzounet

Posté(e)
  • Auteur
Posté(e) (modifié)

J'ai lancé OTL, il a demandé de redémarrer, est l'ordi a planté au moment d'ouvrir la session.

Le reredémarrage c'est bien passé, je te joins le log qui était ouvert au redémarrage.

 

Daemon Tools affiche un message d'erreur mais je peux le réinstaller (ou le virer)

 

Question: (si t'as le temps) pourquoi as-tu touché à Druide?

 

Bien vu pour le dossier C:\32788R22FWJFW\ je ne l'avais même pas remarqué... ça avait l'air méchant ce truc...

 

All processes killed

========== FILES ==========

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\WordPerfect folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Word folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Thunderbird folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\PowerPoint folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\OutlookExpress folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Outlook folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\OpenOffice.org folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Internet Explorer folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\InDesign folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\InCopy folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Illustrator folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\GroupWise folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Firefox folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Excel folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Texteurs folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\phonon_backend folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\imageformats folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt\accessible folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32\LibrairiesQt folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32\Librairies folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32\Extensions folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Programmes32 folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\Thunderbird folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\StarOffice folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\OpenOffice.org folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels\Firefox folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Installation dans vos logiciels folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\PanneauxDetails folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\Html folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\Grammaire\images folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\Grammaire folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\Configuration folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\Combinatoire2 folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees\AffichageDictionnaires folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Donnees folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Documentation\Images folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Documentation\Développeurs\Api com\Exemple folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Documentation\Développeurs\Api com folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Documentation\Développeurs folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Documentation\Documents d'évaluation folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7\Documentation folder moved successfully.

C:\Program Files (x86)\Druide\Antidote 7 folder moved successfully.

C:\Program Files (x86)\Druide folder moved successfully.

C:\Users\Olivier Martin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully.

C:\32788R22FWJFW\N_ folder moved successfully.

C:\32788R22FWJFW\License folder moved successfully.

C:\32788R22FWJFW\EN-US folder moved successfully.

C:\32788R22FWJFW folder moved successfully.

C:\ProgramData\.zreglib moved successfully.

File\Folder C:\Users\Oliv-S~1\AppData\Local\Temp\setup783426956.exe not found.

File\Folder C:\Users\Oliv-S~1\AppData\Local\Temp\setup3803102088.exe not found.

========== OTL ==========

No active process named Program Files was found!

Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 removed from extensions.enabledItems

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1672107402-3960017692-2506112607-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\orifvabo\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\rsmoanxwce.exe\ not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Olivier Martin

->Temp folder emptied: 36064 bytes

->Temporary Internet Files folder emptied: 3365787 bytes

->Java cache emptied: 73021532 bytes

->FireFox cache emptied: 61875876 bytes

->Google Chrome cache emptied: 819568 bytes

->Flash cache emptied: 6072 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 13263 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50607 bytes

RecycleBin emptied: 602 bytes

 

Total Files Cleaned = 133,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Olivier Martin

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.20.3 log created on 01212011_205744

 

Files\Folders moved on Reboot...

C:\Users\Olivier Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Windows\temp\vmware-Système-2077491091\vmware-usbarb-Système-1288.log moved successfully.

 

Registry entries deleted on Reboot...

Modifié par Platzounet
jeanmimigab Extrem Member

jeanmimigab

Posté(e)
Posté(e) (modifié)

hello,

 

pour druide (et même adobe que j'ai loupé) certains fichiers sont corrompu par l'infection, j'ai donc virer le dossier entier, mais on a plus embêtant que ça pour l'instant...

 

Fais cela stp...

 

Télécharge TDSSKiller (Kapersky Lab) sur ton bureau en allant sur cette page web

Dezzipe le et fais un clic-droit dessus et choisis "exécuter en tant qu'administrateur" >> si une détection apparait après le scanne,suis les instructions et autorise le redémarrage du pc et poste le rapport "C:\TDSSKiller......."

 

@++

Modifié par jeanmimigab
Platzounet Junior Member

Platzounet

Posté(e)
  • Auteur
Posté(e)

Voilà le log de TDSSKIller

 

2011/01/21 22:08:44.0824 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51

2011/01/21 22:08:44.0824 ================================================================================

2011/01/21 22:08:44.0824 SystemInfo:

2011/01/21 22:08:44.0824

2011/01/21 22:08:44.0824 OS Version: 6.1.7600 ServicePack: 0.0

2011/01/21 22:08:44.0824 Product type: Workstation

2011/01/21 22:08:44.0824 ComputerName: OLIVE-FIXE

2011/01/21 22:08:44.0824 UserName: Olivier Martin

2011/01/21 22:08:44.0824 Windows directory: C:\Windows

2011/01/21 22:08:44.0824 System windows directory: C:\Windows

2011/01/21 22:08:44.0824 Running under WOW64

2011/01/21 22:08:44.0824 Processor architecture: Intel x64

2011/01/21 22:08:44.0824 Number of processors: 2

2011/01/21 22:08:44.0824 Page size: 0x1000

2011/01/21 22:08:44.0824 Boot type: Normal boot

2011/01/21 22:08:44.0824 ================================================================================

2011/01/21 22:08:44.0824 Utility is running under WOW64

2011/01/21 22:08:46.0696 Initialize success

2011/01/21 22:08:55.0806 ================================================================================

2011/01/21 22:08:55.0806 Scan started

2011/01/21 22:08:55.0806 Mode: Manual;

2011/01/21 22:08:55.0806 ================================================================================

2011/01/21 22:08:56.0399 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

2011/01/21 22:08:56.0430 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

2011/01/21 22:08:56.0446 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

2011/01/21 22:08:56.0508 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

2011/01/21 22:08:56.0555 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

2011/01/21 22:08:56.0571 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

2011/01/21 22:08:56.0602 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

2011/01/21 22:08:56.0680 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

2011/01/21 22:08:56.0711 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

2011/01/21 22:08:56.0742 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

2011/01/21 22:08:56.0758 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

2011/01/21 22:08:56.0774 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

2011/01/21 22:08:56.0789 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

2011/01/21 22:08:56.0805 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys

2011/01/21 22:08:56.0836 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

2011/01/21 22:08:56.0852 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys

2011/01/21 22:08:56.0883 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

2011/01/21 22:08:56.0914 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

2011/01/21 22:08:56.0930 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

2011/01/21 22:08:56.0976 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/01/21 22:08:56.0992 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

2011/01/21 22:08:57.0039 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

2011/01/21 22:08:57.0070 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2011/01/21 22:08:57.0101 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2011/01/21 22:08:57.0117 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

2011/01/21 22:08:57.0148 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

2011/01/21 22:08:57.0164 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

2011/01/21 22:08:57.0179 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

2011/01/21 22:08:57.0210 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2011/01/21 22:08:57.0226 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/01/21 22:08:57.0273 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/01/21 22:08:57.0288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/01/21 22:08:57.0304 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

2011/01/21 22:08:57.0335 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/01/21 22:08:57.0366 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

2011/01/21 22:08:57.0398 cfwids (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys

2011/01/21 22:08:57.0413 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

2011/01/21 22:08:57.0444 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2011/01/21 22:08:57.0460 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/01/21 22:08:57.0476 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

2011/01/21 22:08:57.0491 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

2011/01/21 22:08:57.0507 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

2011/01/21 22:08:57.0538 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

2011/01/21 22:08:57.0554 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

2011/01/21 22:08:57.0600 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

2011/01/21 22:08:57.0616 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2011/01/21 22:08:57.0632 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

2011/01/21 22:08:57.0678 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2011/01/21 22:08:57.0710 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys

2011/01/21 22:08:57.0788 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

2011/01/21 22:08:57.0928 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys

2011/01/21 22:08:57.0959 ElbyCDIO (7984a82c1c373923330e6781f762d140) C:\Windows\system32\Drivers\ElbyCDIO.sys

2011/01/21 22:08:58.0006 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

2011/01/21 22:08:58.0037 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

2011/01/21 22:08:58.0084 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2011/01/21 22:08:58.0100 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2011/01/21 22:08:58.0131 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

2011/01/21 22:08:58.0162 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2011/01/21 22:08:58.0193 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2011/01/21 22:08:58.0224 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/01/21 22:08:58.0256 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

2011/01/21 22:08:58.0271 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2011/01/21 22:08:58.0287 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2011/01/21 22:08:58.0318 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys

2011/01/21 22:08:58.0334 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

2011/01/21 22:08:58.0396 hcmon (b93b24f258441820e575c7983ba47313) C:\Windows\system32\drivers\hcmon.sys

2011/01/21 22:08:58.0412 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2011/01/21 22:08:58.0427 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/01/21 22:08:58.0458 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

2011/01/21 22:08:58.0474 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

2011/01/21 22:08:58.0490 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

2011/01/21 22:08:58.0521 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

2011/01/21 22:08:58.0552 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

2011/01/21 22:08:58.0568 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

2011/01/21 22:08:58.0599 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

2011/01/21 22:08:58.0614 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/01/21 22:08:58.0646 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys

2011/01/21 22:08:58.0661 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

2011/01/21 22:08:58.0739 IntcAzAudAddService (f2b52c7b1c8e6a4fc4c4564f4a421f23) C:\Windows\system32\drivers\RTKVHD64.sys

2011/01/21 22:08:58.0770 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

2011/01/21 22:08:58.0786 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

2011/01/21 22:08:58.0833 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/01/21 22:08:58.0864 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

2011/01/21 22:08:58.0880 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2011/01/21 22:08:58.0895 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2011/01/21 22:08:58.0926 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

2011/01/21 22:08:58.0958 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/01/21 22:08:58.0973 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/01/21 22:08:58.0989 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/01/21 22:08:59.0020 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

2011/01/21 22:08:59.0036 KSecPkg (bbe1bf6d9b661c354d4857d5fadb943b) C:\Windows\system32\Drivers\ksecpkg.sys

2011/01/21 22:08:59.0051 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2011/01/21 22:08:59.0082 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2011/01/21 22:08:59.0114 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

2011/01/21 22:08:59.0145 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

2011/01/21 22:08:59.0160 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

2011/01/21 22:08:59.0176 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

2011/01/21 22:08:59.0207 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2011/01/21 22:08:59.0254 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys

2011/01/21 22:08:59.0285 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys

2011/01/21 22:08:59.0332 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys

2011/01/21 22:08:59.0394 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

2011/01/21 22:08:59.0426 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

2011/01/21 22:08:59.0441 mfeapfk (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys

2011/01/21 22:08:59.0488 mfeavfk (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys

2011/01/21 22:08:59.0535 mfefirek (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys

2011/01/21 22:08:59.0566 mfehidk (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys

2011/01/21 22:08:59.0613 mfenlfk (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys

2011/01/21 22:08:59.0644 mferkdet (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys

2011/01/21 22:08:59.0691 mfewfpk (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys

2011/01/21 22:08:59.0722 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2011/01/21 22:08:59.0909 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2011/01/21 22:08:59.0940 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

2011/01/21 22:08:59.0956 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

2011/01/21 22:08:59.0972 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

2011/01/21 22:09:00.0003 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

2011/01/21 22:09:00.0034 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2011/01/21 22:09:00.0050 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

2011/01/21 22:09:00.0081 mrxsmb (cfdcd8ca87c2a657debc150ac35b5e08) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/01/21 22:09:00.0096 mrxsmb10 (1bee517b220b7f024f411aec1571dd5a) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/01/21 22:09:00.0112 mrxsmb20 (6b2d5fef385828b6e485c1c90afb8195) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/01/21 22:09:00.0143 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

2011/01/21 22:09:00.0159 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

2011/01/21 22:09:00.0190 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2011/01/21 22:09:00.0221 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2011/01/21 22:09:00.0237 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

2011/01/21 22:09:00.0284 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2011/01/21 22:09:00.0299 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/01/21 22:09:00.0330 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2011/01/21 22:09:00.0346 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

2011/01/21 22:09:00.0377 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/01/21 22:09:00.0408 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2011/01/21 22:09:00.0424 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

2011/01/21 22:09:00.0440 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2011/01/21 22:09:00.0471 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2011/01/21 22:09:00.0502 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

2011/01/21 22:09:00.0533 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/01/21 22:09:00.0549 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/01/21 22:09:00.0580 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/01/21 22:09:00.0611 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/01/21 22:09:00.0642 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

2011/01/21 22:09:00.0658 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2011/01/21 22:09:00.0674 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

2011/01/21 22:09:00.0720 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

2011/01/21 22:09:00.0736 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2011/01/21 22:09:00.0752 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2011/01/21 22:09:00.0798 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

2011/01/21 22:09:00.0845 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2011/01/21 22:09:00.0876 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys

2011/01/21 22:09:01.0079 nvlddmkm (51bd7ef17f0b525994ad5b3748c8288b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/01/21 22:09:01.0142 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys

2011/01/21 22:09:01.0157 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys

2011/01/21 22:09:01.0188 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

2011/01/21 22:09:01.0204 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/01/21 22:09:01.0235 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

2011/01/21 22:09:01.0251 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

2011/01/21 22:09:01.0282 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

2011/01/21 22:09:01.0298 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

2011/01/21 22:09:01.0329 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

2011/01/21 22:09:01.0344 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2011/01/21 22:09:01.0376 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2011/01/21 22:09:01.0469 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS

2011/01/21 22:09:01.0547 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

2011/01/21 22:09:01.0563 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

2011/01/21 22:09:01.0594 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

2011/01/21 22:09:01.0625 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

2011/01/21 22:09:01.0656 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

2011/01/21 22:09:01.0703 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

2011/01/21 22:09:01.0734 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2011/01/21 22:09:01.0750 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2011/01/21 22:09:01.0766 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/01/21 22:09:01.0797 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/01/21 22:09:01.0812 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/01/21 22:09:01.0828 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2011/01/21 22:09:01.0859 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

2011/01/21 22:09:01.0890 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

2011/01/21 22:09:01.0906 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/01/21 22:09:01.0922 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2011/01/21 22:09:01.0937 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2011/01/21 22:09:01.0968 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

2011/01/21 22:09:02.0000 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

2011/01/21 22:09:02.0031 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2011/01/21 22:09:02.0093 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys

2011/01/21 22:09:02.0124 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

2011/01/21 22:09:02.0156 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

2011/01/21 22:09:02.0202 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2011/01/21 22:09:02.0218 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

2011/01/21 22:09:02.0234 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

2011/01/21 22:09:02.0249 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

2011/01/21 22:09:02.0280 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/01/21 22:09:02.0312 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2011/01/21 22:09:02.0327 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/01/21 22:09:02.0343 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

2011/01/21 22:09:02.0374 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

2011/01/21 22:09:02.0390 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

2011/01/21 22:09:02.0405 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2011/01/21 22:09:02.0436 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2011/01/21 22:09:02.0514 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys

2011/01/21 22:09:02.0514 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb

2011/01/21 22:09:02.0514 sptd - detected Locked file (1)

2011/01/21 22:09:02.0561 srv (ec8f67289105bf270498095f14963464) C:\Windows\system32\DRIVERS\srv.sys

2011/01/21 22:09:02.0592 srv2 (f773d2ed090b7baa1c1a034f3ca476c8) C:\Windows\system32\DRIVERS\srv2.sys

2011/01/21 22:09:02.0624 srvnet (26e84d3649019c3244622e654dfcd75b) C:\Windows\system32\DRIVERS\srvnet.sys

2011/01/21 22:09:02.0670 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

2011/01/21 22:09:02.0686 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

2011/01/21 22:09:02.0764 Tcpip (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\drivers\tcpip.sys

2011/01/21 22:09:02.0811 TCPIP6 (912107716bab424c7870e8e6af5e07e1) C:\Windows\system32\DRIVERS\tcpip.sys

2011/01/21 22:09:02.0842 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

2011/01/21 22:09:02.0873 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2011/01/21 22:09:02.0889 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2011/01/21 22:09:02.0904 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

2011/01/21 22:09:02.0920 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

2011/01/21 22:09:02.0998 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/01/21 22:09:03.0045 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

2011/01/21 22:09:03.0060 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

2011/01/21 22:09:03.0092 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

2011/01/21 22:09:03.0138 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

2011/01/21 22:09:03.0154 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

2011/01/21 22:09:03.0185 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

2011/01/21 22:09:03.0232 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys

2011/01/21 22:09:03.0248 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/01/21 22:09:03.0279 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

2011/01/21 22:09:03.0310 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys

2011/01/21 22:09:03.0326 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys

2011/01/21 22:09:03.0341 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys

2011/01/21 22:09:03.0388 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2011/01/21 22:09:03.0404 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/01/21 22:09:03.0435 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/01/21 22:09:03.0482 VBoxDrv (4fe30ec910ba4d18d1b0e51c7780053c) C:\Windows\system32\DRIVERS\VBoxDrv.sys

2011/01/21 22:09:03.0528 VBoxNetAdp (47499fe912f0b4e7664f8498f2906f0e) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

2011/01/21 22:09:03.0544 VBoxNetFlt (032d3d3f93eef92fda895e87f28a0a0b) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys

2011/01/21 22:09:03.0591 VBoxUSB (a8a9d6a510ef796192a0af95f1c2d2bb) C:\Windows\system32\Drivers\VBoxUSB.sys

2011/01/21 22:09:03.0622 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

2011/01/21 22:09:03.0638 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/01/21 22:09:03.0669 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2011/01/21 22:09:03.0684 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

2011/01/21 22:09:03.0700 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

2011/01/21 22:09:03.0731 vmci (9bc38986a8f0e85f27cc18a196808f52) C:\Windows\system32\drivers\vmci.sys

2011/01/21 22:09:03.0794 vmkbd (ac9dc0f511c56125483a5fb385d0bc80) C:\Windows\system32\drivers\VMkbd.sys

2011/01/21 22:09:03.0809 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys

2011/01/21 22:09:03.0856 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys

2011/01/21 22:09:03.0887 VMnetuserif (b4686ed49494a4264e867a7938fad24b) C:\Windows\system32\drivers\vmnetuserif.sys

2011/01/21 22:09:03.0934 vmusb (415b167695c4b5960a13098622ef3d80) C:\Windows\system32\Drivers\vmusb.sys

2011/01/21 22:09:03.0965 vmx86 (4b4987b8850de542f23621b881b10342) C:\Windows\system32\drivers\vmx86.sys

2011/01/21 22:09:03.0981 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

2011/01/21 22:09:04.0012 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

2011/01/21 22:09:04.0043 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

2011/01/21 22:09:04.0074 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

2011/01/21 22:09:04.0168 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys

2011/01/21 22:09:04.0215 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

2011/01/21 22:09:04.0246 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys

2011/01/21 22:09:04.0277 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

2011/01/21 22:09:04.0308 wacomvhid (9d45e06348c6703fba2064ac149aabda) C:\Windows\system32\DRIVERS\wacomvhid.sys

2011/01/21 22:09:04.0340 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/21 22:09:04.0355 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/21 22:09:04.0386 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

2011/01/21 22:09:04.0418 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2011/01/21 22:09:04.0480 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/01/21 22:09:04.0542 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

2011/01/21 22:09:04.0558 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/01/21 22:09:04.0605 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/01/21 22:09:04.0652 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/01/21 22:09:04.0683 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2011/01/21 22:09:04.0698 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/01/21 22:09:04.0745 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0)

2011/01/21 22:09:04.0792 ================================================================================

2011/01/21 22:09:04.0792 Scan finished

2011/01/21 22:09:04.0792 ================================================================================

2011/01/21 22:09:04.0792 Detected object count: 2

2011/01/21 22:09:13.0544 Locked file(sptd) - User select action: Skip

2011/01/21 22:09:13.0575 \HardDisk1 - will be cured after reboot

2011/01/21 22:09:13.0575 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure

2011/01/21 22:09:18.0848 Deinitialize success

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...