Request for analysis of a HijackThis scan! Thanks


Post by littelou » 16 Feb 2010 20:49

I got a real fright when my PC suddenly shut down with a blue screen, because I wanted to watch an episode of HIMYM that I had downloaded and which asked me to install something in order to play it. I hesitated, then I did it, and that is when what I just described happened.
But my PC restarted normally and there doesn't seem to be any problem.
So, just to be sure, I'm posting a HijackThis report in case there is something infectious:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:44:36, on 16/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Orange HSS\Launcher\Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Orange HSS\systray\systrayapp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Orange HSS\connectivity\connectivitymanager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Orange HSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Orange HSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe" -run "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?eddc409cf4f942c9b9b771d697465598
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?eddc409cf4f942c9b9b771d697465598
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA051CEA-13EF-4F9F-95C4-909AF884FD82}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 11397 bytes

Thanks in advance

Post by Florinator » 16 Feb 2010 22:54

Hello Littelou,

Apart from the presence of a useless toolbar (like all the others :wink: ), there is nothing in particular to note.
Do you have any other symptoms that make you think you are infected?
Do you have the name of the "thing" you were asked to install?

Otherwise, no problems with this report.

See you
Knowledge is only useful if it is passed on.

Post by littelou » 16 Feb 2010 23:04

I ran a scan with Malwarebytes and it gives me this:
Malwarebytes' Anti-Malware 1.23
Version de la base de données: 990
Windows 5.1.2600 Service Pack 3

22:59:30 16/02/2010
mbam-log-2-16-2010 (22-59-30).txt

Type de recherche: Examen rapide
Eléments examinés: 48338
Temps écoulé: 14 minute(s), 42 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\zPharaoh.exe (Worm.Mabezat) -> Delete on reboot.

I don't know what this pharaox.exe is
and I don't know whether a reboot will be enough to delete it

I'm going to scan with AntiVir and then I'll see

Thanks all the same for analysing the HijackThis scan

Post by littelou » 16 Feb 2010 23:14

By the way, the "thing" was a streaming authorisation request when I opened the file with Windows Media Player
I don't know if that helps much, but it's all I remember!
Thanks again

Post by Florinator » 17 Feb 2010 09:33

Hello Littelou,

Regarding the Mazebat worm, it tends to travel via USB media.
We are going to check whether the infection may have passed through USB media.

Before that, I would like you to redo the MBAM scan, but first plug in all your USB media (USB sticks, external drives), run a full scan, and update it first, please:

Malwarebytes' Anti-Malware 1.23

See you

Post by Falkra » 17 Feb 2010 09:44

Hello,

Just a quick intrusion, but only because MBAM is very old there.
A complete update will be needed: uninstall 1.23 via Add/Remove Programs, reboot if asked, and install 1.44 (link). These versions don't even use the same update servers any more.

I'll leave you to it, happy disinfecting! :super:

Post by littelou » 17 Feb 2010 19:51

Here is the MBAM report:
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3751
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17/02/2010 19:48:20
mbam-log-2010-02-17 (19-48-11).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|Q:\|)
Eléments examinés: 239045
Temps écoulé: 2 hour(s), 8 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Jeux PC\Call of Duty 4\Installation\Keygen\Call.Of.Duty.4.Modern.Warfare_KEYGEN-FFF.exe (HackTool.Keygen) -> No action taken.
C:\Documents and Settings\Xavier\Local Settings\temp\BB.tmp (Rootkit.TDSS) -> No action taken.
C:\Documents and Settings\Xavier\Local Settings\Temporary Internet Files\Content.IE5\YSYLZQZH\License.v.3.Setup[1].exe (Rootkit.TDSS) -> No action taken.
H:\JEUX\Crysis [PC-DVD] [English] [www.topetorrent.com]\Razor1911\rzr-crys.exe (Backdoor.Graybird) -> No action taken.

I don't think the two game files matter, they are serial number generators, but the other two I don't know!
There you go
I'm waiting for the removal of the worm
but in any case my PC still has no abnormal symptoms.

Thanks

Post by Florinator » 18 Feb 2010 19:30

Hello Littelou,

OK, your report shows some rotten temporary files in addition to your keygens.
Be wary of keygens and other cracks, some of them are booby-trapped. I'm not going to have you delete them if you are only going to reinstall them, but I think you can guess my opinion on that.
"No action taken", so they are still there.
For the temp files lying around, do this:

Download ATF Cleaner, created by Atribune
  • Double-click it to launch the program.
  • Under the Main tab, choose: Select All
  • Click the Empty Selected button

If you use the Firefox browser:
  • First back up your Firefox settings as described HERE (http://forums.cnetfrance.fr/index.php?showtopic=54066)
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button

NOTE: If you want to keep your saved passwords, click No at the prompt.

If you use the Opera browser:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button

NOTE: If you want to keep your saved passwords, click No at the prompt.

Click Exit, in the main menu, to close the program.

Let's extend the search to removable media:

Download ZHPDiag, created by Nicolas Coolman

  • Save it to your desktop
  • Double-click the icon
  • Follow the on-screen instructions
  • Click on Image to start the analysis
  • Click on Image to copy the report
  • Then paste it into your next reply
  • The report is also located at C:\Program Files\ZebHelpProcess\ZHPDiag.txt

See you

Post by littelou » 19 Feb 2010 13:28

Here is the report: happy reading

Rapport de ZHPDiag v1.24.44 par Nicolas Coolman
Run by Xavier at 19/02/2010 13:24:19
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v8.0.6001.18702

Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (46% free)
System drive C: has 10 GB (10%) free of 93 GB

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 93 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ Hard drive, Flash drive, Thumb drive (Free 16 Go of 38 Go)
G:\ Floppy drive, Flash card reader, USB Key (Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 206 Go of 373 Go)
I:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 39 Go)
J:\ Floppy drive, Flash card reader, USB Key (Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

---\\ Processus lancés
[MD5.FCD532BE0C00E6583E9DFEBA273A8F10] - C:\Program Files\Toshiba\Tvs\TvsTray.exe
[MD5.EF6E025F902E99D078812F9CC4D61602] - C:\WINDOWS\vVX3000.exe
[MD5.8CBD57D84729DEBEE1E83CB5FA3E3D7A] - C:\Program Files\QuickTime\QTTask.exe
[MD5.C20477756D6BFEF6C693DA5920D384E0] - C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
[MD5.C418B204BED40A0979D203EBB1E9A32B] - C:\Program Files\iTunes\iTunesHelper.exe
[MD5.589B64EBB836582C46FAD4F16F837815] - C:\Program Files\pdfforge Toolbar\SearchSettings.exe
[MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - C:\WINDOWS\system32\ctfmon.exe
[MD5.18B4B12358EFCF68D76812058A26181F] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[MD5.33E5871C6043CEC2F944E5B048D99764] - C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
[MD5.D6C8942BEA3698A2E7559BD423BFA5D7] - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
[MD5.4B5AE15E5C73EB4DC8DBEC2788230D41] - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[MD5.293E66AA529F0FBA1AA56340E293A389] - C:\Program Files\Application Updater\ApplicationUpdater.exe
[MD5.1444104DF30F365A5094E14EC5433B8E] - C:\WINDOWS\system32\Ati2evxx.exe
[MD5.E3950F2EB2D11C40C23832B335335C15] - C:\WINDOWS\system32\ati2sgag.exe
[MD5.E4BDF223CD75478BF44567B4D5C2634D] - C:\WINDOWS\System32\svchost.exe
[MD5.3F56903E124E820AEECE6D471583C6C1] - C:\Program Files\Bonjour\mDNSResponder.exe
[MD5.98D65C9B0F4A28300E0F5FDCB3A4874C] - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
[MD5.9F38FEB92D18468012543E1AFCF79BBC] - C:\Program Files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
[MD5.B09DF4AE62909CED13EB2DCDB612FAFE] - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
[MD5.C3FB1D70CB88722267949694BA51759E] - C:\WINDOWS\system32\services.exe
[MD5.00A92BD55853CAA7AA4892B266A09AD5] - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
[MD5.44B3B997E25C5D9A81D6C501451A96D7] - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
[MD5.7B4607C0C664DA98753508F85BB10694] - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
[MD5.641199534871783DD74138FE0BCFDAE7] - C:\Program Files\Microsoft LifeCam\MSCamS32.exe
[MD5.831883B107684301F48ACE752C963984] - C:\WINDOWS\system32\PnkBstrA.exe
[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - C:\WINDOWS\system32\lsass.exe
[MD5.271077B91D7AD1B616F8AFDFE8E3F981] - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
[MD5.7F8260BA2F62C010174431FBF5095DC4] - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
[MD5.3978F082274F723AD5A0A8058C2417DD] - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
[MD5.460E4CE148BD07218DA0B6A3D31885A9] - C:\WINDOWS\system32\spoolsv.exe
[MD5.C65BAC90FDB6E9700D4AAA8C5868F7D7] - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Search Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe -run C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
O4 - HKLM\..\policies\Explorer: [NoCDBurning] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKCU\..\policies\Explorer: [NoDrives] Data=0
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?eddc409cf4f942c9b9b771d697465598
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?eddc409cf4f942c9b9b771d697465598

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Toolbars\INTERN~1\favicon.ico
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\WINDOWS\system32\nwprovau.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] orange.fr

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} () - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA051CEA-13EF-4F9F-95C4-909AF884FD82}: NameServer = 81.253.149.1 80.10.246.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA051CEA-13EF-4F9F-95C4-909AF884FD82}: NameServer = 81.253.149.1 80.10.246.3

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater (Application Updater) - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Client Virtualization Handler (cvhsvc) - C:\Program Files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
O23 - Service: Diskeeper (Diskeeper) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCamSvc (MSCamSvc) - C:\Program Files\Microsoft LifeCam\MSCamS32.exe
O23 - Service: PnkBstrA (PnkBstrA) - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Application Virtualization Client (sftlist) - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_setup_exe.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Personnalisation du navigateur - >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Macromedia Shockwave Director 8.5 - {166B1BCA-3F9C-11CF-8075-444553540000} - C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Macromedia Shockwave Director 8.5 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {44568A1C-53F6-49A5-A163-CD9ADC0F76D5} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: avgio (avgio) - C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) - C:\WINDOWS\System32\drivers\ws2ifsl.sys
O41 - Driver: (no object) (sscdbhk5) - C:\WINDOWS\system32\drivers\sscdbhk5.sys
O41 - Driver: (no object) (ssrtln) - C:\WINDOWS\system32\drivers\ssrtln.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: ACD/Labs Software in C:\Program Files\ACDFree\
O42 - Logiciel: ACE Mega CoDecS Pack
O42 - Logiciel: ATI - Software Uninstall Utility
O42 - Logiciel: ATI Catalyst Control Center
O42 - Logiciel: ATI Display Driver (Omega 3.8.205)
O42 - Logiciel: AVIcodec (remove only)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 9 ActiveX
O42 - Logiciel: Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 7.0.8 - Français
O42 - Logiciel: Adobe SVG Viewer 3.0
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assist TOSHIBA
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Call of Duty(R) 2
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM)
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Canon iP1600
O42 - Logiciel: Commandes TOSHIBA
O42 - Logiciel: Compatibility Pack for the 2007 Office system
O42 - Logiciel: Destruction Madness
O42 - Logiciel: Diskeeper Professional Edition
O42 - Logiciel: Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
O42 - Logiciel: EA SPORTS online 2007
O42 - Logiciel: Easy-WebPrint
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar)
O42 - Logiciel: FIFA 07
O42 - Logiciel: Formatage de carte mémoire SD TOSHIBA
O42 - Logiciel: GTA San Andreas
O42 - Logiciel: Gestion d'énergie TOSHIBA
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: InterVideo WinDVD for TOSHIBA
O42 - Logiciel: IsoBuster 1.9
O42 - Logiciel: J2SE Runtime Environment 5.0
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Logitech Audio Echo Cancellation Component
O42 - Logiciel: Logitech QuickCam
O42 - Logiciel: Logitech Video Enumerator
O42 - Logiciel: MSN
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB925672)
O42 - Logiciel: MSXML 4.0 SP2 (KB927978)
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML4 Parser
O42 - Logiciel: Macromedia Flash Player
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Manuels TOSHIBA
O42 - Logiciel: Matroska Pack (remove only)
O42 - Logiciel: Menus intelligents (Windows Live Toolbar)
O42 - Logiciel: MestReC 4.5.9.1
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft LifeCam
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office Click-to-Run 2010 (Beta)
O42 - Logiciel: Microsoft Office Home and Business 2010 (Beta) - Français
O42 - Logiciel: Microsoft Office OneNote 2003
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: NGO ATI Optimized Driver v1.5.7
O42 - Logiciel: NGO ATI Optimized Driver v1.5.8
O42 - Logiciel: NGO ATI Optimized Driver v2.5.6
O42 - Logiciel: Navigation par onglets (Windows Live Toolbar)
O42 - Logiciel: Nero 6 Ultra Edition
O42 - Logiciel: Notebook Hardware Control 2.0 Pre-Release-03
O42 - Logiciel: Orange - Logiciels Internet
O42 - Logiciel: Outil de diagnostic PC TOSHIBA
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PDFCreator
O42 - Logiciel: Programme de gestion Camera de Logitech®
O42 - Logiciel: PunkBuster Services
O42 - Logiciel: QuickTime
O42 - Logiciel: Radeon Omega Drivers v3.8.205 Setup Files and Tools
O42 - Logiciel: Réducteur de bruit lect. CD/DVD
O42 - Logiciel: SD Secure Module
O42 - Logiciel: SMSC IrCC V5.1.3600.5
O42 - Logiciel: Satsuki Decoder Pack
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Shockwave
O42 - Logiciel: Skype™ 4.0
O42 - Logiciel: Son virtuel TOSHIBA
O42 - Logiciel: SopCast 3.0.1
O42 - Logiciel: SoundMAX
O42 - Logiciel: Spybot - Search & Destroy 1.4
O42 - Logiciel: Synaptics Pointing Device Driver
O42 - Logiciel: TOEIC Mastery
O42 - Logiciel: TOSHIBA ConfigFree
O42 - Logiciel: TOSHIBA Hotkey Utility
O42 - Logiciel: TOSHIBA Software Modem
O42 - Logiciel: TOSHIBA TouchPad ON/Off Utility
O42 - Logiciel: TOSHIBA Utilities
O42 - Logiciel: TVAnts 1.0
O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers.
O42 - Logiciel: Touch and Launch
O42 - Logiciel: TuneUp Companion 1.5.10
O42 - Logiciel: TuneUp Utilities 2006
O42 - Logiciel: Téléphone sur PC 1.0.0
O42 - Logiciel: UMVPLStandalone
O42 - Logiciel: Utilitaire de zoom TOSHIBA
O42 - Logiciel: Veetle TV 0.9.15
O42 - Logiciel: VideoLAN VLC media player 0.8.5
O42 - Logiciel: VobSub v2.23 (Remove Only)
O42 - Logiciel: Vuze
O42 - Logiciel: Web media Player 0.62
O42 - Logiciel: Windows Internet Explorer 8
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: iTunes
O42 - Logiciel: pdfforge Toolbar v1.1.2

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\ACDFree
O43 - CFD:Common File Directory ----D- C:\Program Files\ACE Mega CoDecS Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Activision
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\adslTV
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\American Language Academy
O43 - CFD:Common File Directory ----D- C:\Program Files\Analog Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\AntiVir PersonalEdition Classic
O43 - CFD:Common File Directory ----D- C:\Program Files\Application Updater
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AVIcodec
O43 - CFD:Common File Directory ----D- C:\Program Files\Azureus
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Davilex Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Diskeeper Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\EA SPORTS
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Gabest
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\InterVideo
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Matroska Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\MediaCoder
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\MestRe-C
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Application Virtualization Client
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\NGO ATI Optimized Driver v2.5.6
O43 - CFD:Common File Directory ----D- C:\Program Files\Notebook Hardware Control
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Orange
O43 - CFD:Common File Directory ----D- C:\Program Files\Orange HSS
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator
O43 - CFD:Common File Directory ----D- C:\Program Files\pdfforge Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Radeon Omega Drivers
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Rockstar Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Satsuki Decoder Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects
O43 - CFD:Common File Directory ----D- C:\Program Files\SopCast
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy2
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro
O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2006
O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUpMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\TVAnts
O43 - CFD:Common File Directory ----D- C:\Program Files\Ubisoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Veetle
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Web media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DirectX
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\eSellerate
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 19/02/2010 - 12:59:58 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:[MD5.DAA9D31F437F3E7B13496BCB8ED8984B] - 19/02/2010 - 12:34:37 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 19/02/2010 - 12:29:17 ---A- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
O44 - LFC:[MD5.EF7597F51EEAB6925A066B1C58C02AA8] - 19/02/2010 - 12:29:08 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:[MD5.00000000000000000000000000000000] - 19/02/2010 - 12:28:53 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 19/02/2010 - 12:28:52 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/02/2010 - 12:27:32 ---A- C:\WINDOWS\0.log
O44 - LFC:[MD5.0877AC09CAA217471589644C398FA572] - 19/02/2010 - 12:27:30 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:[MD5.00000000000000000000000000000000] - 18/02/2010 - 23:24:47 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 17/02/2010 - 22:57:56 ---A- C:\WINDOWS\NeroDigital.ini
O44 - LFC:[MD5.83DFEF0DB14405475BCC1E27D7C37581] - 30/01/2010 - 20:43:01 ---A- C:\WINDOWS\wmsetup.log

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "C:\Program Files\EA SPORTS\FIFA 07\fifa07.exe"="C:\Program Files\EA SPORTS\FIFA 07\fifa07.exe:*:Enabled:fifa07"
O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
O47 - AAKE:Key Export SP - "C:\Program Files\PeerTV\PeerCast.exe"="C:\Program Files\PeerTV\PeerCast.exe:*:Disabled:PeerCast"
O47 - AAKE:Key Export SP - "C:\Program Files\PeerTV\VLC\vlc.exe"="C:\Program Files\PeerTV\VLC\vlc.exe:*:Disabled:VLC media player"
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
O47 - AAKE:Key Export SP - "C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
O47 - AAKE:Key Export SP - "C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood"
O47 - AAKE:Key Export SP - "C:\Program Files\Zattoo\Zattoo2.exe"="C:\Program Files\Zattoo\Zattoo2.exe:*:Enabled: "
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe"="C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe:*:Enabled:TelephoneSurPC"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
O47 - AAKE:Key Export SP - "C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys

Re: request for analysis of a HijackThis scan! Thanks

Post by littelou » 19 Feb 2010 13:29

Here is the end:
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{74fdb453-f48b-11dd-a88c-0013ce228107}\Shell\AutoRun\command - F:\WDSetup.exe
O51 - MPSK:{d6d24a60-f3a8-11dd-a88a-0013ce228107}\Shell\AutoRun\command - H:\WDSetup.exe
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\AutoRun\command - F:\ij.bat
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\explore\command - F:\ij.bat
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\open\command - F:\ij.bat

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.VP31"="vp31vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.MPG4"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.MP42"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo"="vfwwdm32.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave9"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer9"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi9"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux9"="wdmaud.drv"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Vidéo WDM pour le pilote de capture Windows (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="IMA ADPCM CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="ADPCM CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="CCITT G.711 A-Law and u-Law CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="GSM 6.10 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="TrueSpeech(TM) Software CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="Cinepak (TM)"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="Microsoft H.263"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="Indeo (TM) R3.2"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="Indeo® Video 4.5"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="Indeo(R) Video YUV Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="RLE"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="Video 1"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="Microsoft YVYU Video Decompressor"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="Toshiba Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="Microsoft G.723.1"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="Microsoft H.261"
O52 - TDSD:HKLM\...\drivers.desc\"iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoCDBurning"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.C56B6D0402371CF3700EB322EF3AAF61] - 14/04/2008 - 03:34:53 ---A- C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:[MD5.88155247177638048422893737429D9E] - 14/04/2008 - 03:34:52 ---A- C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:[MD5.467FF7FB078DCEC24C3F4DB602190E3D] - 13/09/2004 - 21:40:56 ---A- C:\WINDOWS\system32\drivers\tifm21.sys
O58 - SDL:[MD5.78E9819E076B909541BD4A37F8F0668B] - 08/04/2003 - 05:51:58 ---A- C:\WINDOWS\system32\drivers\tosbtsd2.sys
O58 - SDL:[MD5.142B91503C45C1A05A355414E13A51D1] - 31/08/2004 - 00:27:28 ---A- C:\WINDOWS\system32\drivers\tosdbt.sys
O58 - SDL:[MD5.699450901C5CCFD82357CBC531CEDD23] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:[MD5.62C57E7411B5F20980E70530CA69D5A7] - 16/10/2002 - 21:55:48 ---A- C:\WINDOWS\system32\drivers\Toshidpt.sys
O58 - SDL:[MD5.F3DB7683C34FCF389976DDF34AC6C718] - 02/08/2004 - 23:13:04 ---A- C:\WINDOWS\system32\drivers\Tosporte.sys
O58 - SDL:[MD5.E53CB56E8CE6D5F74A8479FAF4FF8961] - 23/10/2004 - 06:18:32 ---A- C:\WINDOWS\system32\drivers\TosRfbd.sys
O58 - SDL:[MD5.FE200EECE7521061CDAD658C6EE4F341] - 09/07/2004 - 01:07:32 ---A- C:\WINDOWS\system32\drivers\tosrfbnp.sys
O58 - SDL:[MD5.8EF8069EC1FDE5D924CBD9348F4787F8] - 19/04/2004 - 20:02:48 ---A- C:\WINDOWS\system32\drivers\tosrfcom.sys
O58 - SDL:[MD5.CC42FDBE9760CA1639E23158AB995F98] - 17/05/2004 - 23:18:24 ---A- C:\WINDOWS\system32\drivers\Tosrfec.sys
O58 - SDL:[MD5.66E443CE97A3270C977EA21ABBE8E42D] - 09/11/2004 - 04:01:30 ---A- C:\WINDOWS\system32\drivers\TosRfhid.sys
O58 - SDL:[MD5.AE5B75C86574A1BD0A093A9159F829F9] - 08/02/2002 - 00:24:20 ---A- C:\WINDOWS\system32\drivers\tosrflan.sys
O58 - SDL:[MD5.6C3B5204EA0CD610C847A6834913BC4E] - 06/05/2004 - 22:35:08 ---A- C:\WINDOWS\system32\drivers\tosrfnds.sys
O58 - SDL:[MD5.87031831486F7ED4EAFEF27125BB56C8] - 02/08/2002 - 05:53:22 ---A- C:\WINDOWS\system32\drivers\TosRFPCC.sys
O58 - SDL:[MD5.12DC9BFBC63E9E60D68CCB1E966E6AEF] - 18/10/2004 - 17:42:34 ---A- C:\WINDOWS\system32\drivers\TosRfSnd.sys
O58 - SDL:[MD5.9E8FC547B882B68006D935589110CFE0] - 26/10/2004 - 02:05:24 ---A- C:\WINDOWS\system32\drivers\tosrfusb.sys
O58 - SDL:[MD5.306E19413EADB0CA8842D5381A0354FC] - 01/07/2003 - 20:52:28 ---A- C:\WINDOWS\system32\drivers\tostrans.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.342574B9CE3ADEE78CB5D7D67C0B911E] - 28/07/2004 - 14:26:34 ---A- C:\WINDOWS\system32\drivers\TSXT_kern_i386.sys
O58 - SDL:[MD5.8F861EDA21C05857EB8197300A92501C] - 13/04/2008 - 19:56:01 ---A- C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:[MD5.2FA539E0701CBAB260A055749D245620] - 26/11/2004 - 13:04:38 ---A- C:\WINDOWS\system32\drivers\Tvs.sys
O58 - SDL:[MD5.5787B80C2E3C5E2F56C2A233D91FA2C9] - 13/04/2008 - 19:32:36 ---A- C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:[MD5.402DDC88356B1BAC0EE3DD1580C76A31] - 13/04/2008 - 19:39:46 ---A- C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:[MD5.BEE793D4A059CAEA55D6AC20E19B3A8F] - 13/04/2008 - 19:56:49 ---A- C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:[MD5.1DF89C499BF45D878B87EBD4421D462D] - 28/08/2009 - 18:42:52 ---A- C:\WINDOWS\system32\drivers\usbaapl.sys
O58 - SDL:[MD5.E919708DB44ED8543A7C017953148330] - 13/04/2008 - 19:45:12 ---A- C:\WINDOWS\system32\drivers\usbaudio.sys
O58 - SDL:[MD5.1C1A47B40C23358245AA8D0443B6935E] - 13/04/2008 - 19:45:40 ---A- C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:[MD5.CE97845D2E3F0D274B8BAC1ED07C6149] - 13/04/2008 - 19:45:41 ---A- C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:[MD5.173F317CE0DB8E21322E71B7E60A27E8] - 13/04/2008 - 19:45:39 ---A- C:\WINDOWS\system32\drivers\usbccgp.sys
O58 - SDL:[MD5.596EB39B50D6EBD9B734DC4AE0544693] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:[MD5.65DCF09D0E37D4C6B11B5B0B76D470A7] - 13/04/2008 - 19:45:35 ---A- C:\WINDOWS\system32\drivers\usbehci.sys
O58 - SDL:[MD5.1AB3CDDE553B6E064D2E754EFE20285C] - 13/04/2008 - 19:45:37 ---A- C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:[MD5.290913DC4F1125E5A82DE52579A44C43] - 13/04/2008 - 19:45:43 ---A- C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:[MD5.791912E524CC2CC6F50B5F2B52D1EB71] - 13/04/2008 - 19:45:36 ---A- C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:[MD5.A717C8721046828520C9EDF31288FC00] - 13/04/2008 - 19:47:37 ---A- C:\WINDOWS\system32\drivers\usbprint.sys
O58 - SDL:[MD5.A0B8CF9DEB1184FBDD20784A58FA75D4] - 13/04/2008 - 19:45:34 ---A- C:\WINDOWS\system32\drivers\usbscan.sys
O58 - SDL:[MD5.A32426D9B14A089EAA1D922E0C5801A9] - 13/04/2008 - 19:45:38 ---A- C:\WINDOWS\system32\drivers\usbstor.sys
O58 - SDL:[MD5.26496F9DEE2D787FC3E61AD54821FFE6] - 13/04/2008 - 19:45:35 ---A- C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.0D3A8FAFCEACD8B7625CD549757A7DF1] - 13/04/2008 - 19:44:40 ---A- C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:[MD5.E28726B72C46821A28830E077D39A55B] - 13/04/2008 - 19:44:40 ---A- C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:[MD5.46DE1126684369BACE4849E4FC8C43CA] - 14/04/2008 - 02:56:04 ---A- C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:[MD5.13ACFED0E6ADCA97440169DFD127EBCF] - 10/04/2007 - 22:46:48 R--A- C:\WINDOWS\system32\drivers\VX3000.sys
O58 - SDL:[MD5.C89DA341FCC883A3D79DC11727484FC2] - 30/10/2004 - 02:48:10 ---A- C:\WINDOWS\system32\drivers\w29n51.sys
O58 - SDL:[MD5.E20B95BAEDB550F32DD489265C1DA1F6] - 13/04/2008 - 19:57:21 ---A- C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:[MD5.6768ACF64B18196494413695F0C3A00F] - 13/04/2008 - 20:17:18 ---A- C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:[MD5.2F31B7F954BED437F2C75026C65CAF7B] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:[MD5.97EB24F1A5C3E78A61158B2531D61BA4] - 21/05/2004 - 09:16:10 ---A- C:\WINDOWS\system32\drivers\WOWXT_kern_i386.sys
O58 - SDL:[MD5.CF4DEF1BF66F06964DC0D91844239104] - 18/10/2006 - 20:00:00 ---A- C:\WINDOWS\system32\drivers\wpdusb.sys
O58 - SDL:[MD5.6ABE6E225ADB5A751622A9CC3BC19CE8] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\ws2ifsl.sys
O58 - SDL:[MD5.C98B39829C2BBD34E454150633C62C78] - 13/04/2008 - 19:46:24 ---A- C:\WINDOWS\system32\drivers\wstcodec.sys
O58 - SDL:[MD5.BAC4E920C920168C302C90C0F37740F6] - 26/11/2004 - 15:29:00 ---A- C:\WINDOWS\system32\drivers\yk51x86.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.67C48B04DE79D5E483B19032B30ADD99] - 23/11/2005 - 07:48:35 ---A- C:\WINDOWS\system32\atiicdxx.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio804.sys
O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 06/11/2008 - 17:53:02 ---A- C:\WINDOWS\system32\pcampr5.sys
O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 06/11/2008 - 17:53:02 ---A- C:\WINDOWS\system32\pcandis5.sys
O58 - SDL:[MD5.9A10AACBFDC4922715375FB4065EC930] - 13/04/2008 - 19:44:59 ---A- C:\WINDOWS\system32\watchdog.sys
O58 - SDL:[MD5.E2D4E6609DCF4175FCC8BCA489F28D9C] - 19/04/2009 - 20:50:30 ---A- C:\WINDOWS\system32\win32k.sys

---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: ZHPDiag 1.24

---\\ Liste des services Legacy (LALS) (O64)


End of the scan: 1237 lines

Thanks for taking the time to do this!
littelou
Libellulien Junior

Posts: 161
Joined: 23 Jul 2008 17:06

Re: request for analysis of a HijackThis scan! thanks

Post by Florinator » 19 Feb 2010 16:55

Hello Littelou,

A USB-type infection is present, along with an overly intrusive toolbar. Make sure to plug in all your storage devices exactly as they were connected for the scan, then do the following:

  • Copy the lines below:

O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\AutoRun\command - F:\ij.bat
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\explore\command - F:\ij.bat
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\open\command - F:\ij.bat
O43 - CFD:Common File Directory ----D- C:\Program Files\pdfforge Toolbar

  • Open ZHPDiag, then click the Image icon
    If the icon does not appear, run a new scan with ZHPDiag; it will appear once the scan finishes
  • Click in turn on the Image icon to clear the report that was displayed
  • Then click Image to paste the selection
  • Check that all the lines I asked you to copy (and only those) are in the window
  • Click "OK", which makes a square appear to the left of each line.
  • Click "Tous" (All), then "Nettoyer" (Clean).
    If you are asked to restart the computer to finish the cleanup, do so immediately.
  • Copy and paste the report into your next post.

Note: the report is also located at C:\Program Files\ZebHelpProcess\ZHPFixReport.txt

See you later
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien

Posts: 661
Joined: 28 Dec 2009 16:19

Re: request for analysis of a HijackThis scan! thanks

Post by littelou » 20 Feb 2010 21:16

Hi, here is the report:
ZHPFix v1.12.26 by Nicolas Coolman - Rapport de suppression du 20/02/2010 21:11:19
Fichier Registre : C:\ZHPExportRegistry-20-02-2010-21-10-05.txt
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html


Processus mémoire :
(Néant)

Module mémoire :
(Néant)

Clé du Registre :
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\AutoRun\command - F:\ij.bat
=> Clé absente
O51 - MPSK:{fa76b7e4-37be-11de-a8e1-0013ce228107}\Shell\explore\command - F:\ij.bat
=> Clé absente

Valeur du Registre :
(Néant)

Elément de données du Registre :
(Néant)

Dossier :
(Néant)

Fichier :
f:\ij.bat => Fichier absent

Logiciel :
(Néant)

Script Registre :
(Néant)

Autre :
(Néant)


Récapitulatif :
Processus mémoire : 0
Module mémoire : 0
Clé du Registre : 2
Valeur du Registre : 0
Elément de données du Registre : 0
Dossier : 0
Fichier : 1
Logiciel : 0
Autre : 0


End of the scan

However, this weekend I cleaned up my USB keys and my hard drives, and on top of that I'm moving, and I threw out one of my old hard drives. So, to be sure that we have removed everything, I'm giving you another scan like last time's with ZHPDiag.

Thanks, and sorry, I should have waited before doing that!
littelou
Libellulien Junior

Posts: 161
Joined: 23 Jul 2008 17:06

Re: request for analysis of a HijackThis scan! thanks

Post by littelou » 20 Feb 2010 21:19

Here is the new report:
Rapport de ZHPDiag v1.24.44 par Nicolas Coolman
Run by Xavier at 20/02/2010 21:16:43
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v8.0.6001.18702

Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (44% free)
System drive C: has 10 GB (10%) free of 93 GB

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 93 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 166 Go of 373 Go)
J:\ Floppy drive, Flash card reader, USB Key (Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

---\\ Processus lancés

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange HSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Search Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe -run C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe
O4 - HKLM\..\policies\Explorer: [NoCDBurning] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKCU\..\policies\Explorer: [NoDrives] Data=0
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?eddc409cf4f942c9b9b771d697465598
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?eddc409cf4f942c9b9b771d697465598

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Toolbars\INTERN~1\favicon.ico
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\WINDOWS\system32\nwprovau.dll
O10 - WLSP:\000000000005\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] orange.fr

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} () - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA051CEA-13EF-4F9F-95C4-909AF884FD82}: NameServer = 81.253.149.9 80.10.246.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA051CEA-13EF-4F9F-95C4-909AF884FD82}: NameServer = 81.253.149.9 80.10.246.3

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater (Application Updater) - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Client Virtualization Handler (cvhsvc) - C:\Program Files\Fichiers communs\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
O23 - Service: Diskeeper (Diskeeper) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher (LVSrvLauncher) - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MSCamSvc (MSCamSvc) - C:\Program Files\Microsoft LifeCam\MSCamS32.exe
O23 - Service: PnkBstrA (PnkBstrA) - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Application Virtualization Client (sftlist) - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_setup_exe.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Personnalisation du navigateur - >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Macromedia Shockwave Director 8.5 - {166B1BCA-3F9C-11CF-8075-444553540000} - C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Macromedia Shockwave Director 8.5 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {44568A1C-53F6-49A5-A163-CD9ADC0F76D5} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: avgio (avgio) - C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) - C:\WINDOWS\System32\drivers\ws2ifsl.sys
O41 - Driver: (no object) (sscdbhk5) - C:\WINDOWS\system32\drivers\sscdbhk5.sys
O41 - Driver: (no object) (ssrtln) - C:\WINDOWS\system32\drivers\ssrtln.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: ACD/Labs Software in C:\Program Files\ACDFree\
O42 - Logiciel: ACE Mega CoDecS Pack
O42 - Logiciel: ATI - Software Uninstall Utility
O42 - Logiciel: ATI Catalyst Control Center
O42 - Logiciel: ATI Display Driver (Omega 3.8.205)
O42 - Logiciel: AVIcodec (remove only)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 9 ActiveX
O42 - Logiciel: Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 7.0.8 - Français
O42 - Logiciel: Adobe SVG Viewer 3.0
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assist TOSHIBA
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba
O42 - Logiciel: Bonjour
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Call of Duty(R) 2
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM)
O42 - Logiciel: Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
O42 - Logiciel: Canon iP1600
O42 - Logiciel: Commandes TOSHIBA
O42 - Logiciel: Compatibility Pack for the 2007 Office system
O42 - Logiciel: Destruction Madness
O42 - Logiciel: Diskeeper Professional Edition
O42 - Logiciel: Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)
O42 - Logiciel: EA SPORTS online 2007
O42 - Logiciel: Easy-WebPrint
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar)
O42 - Logiciel: FIFA 07
O42 - Logiciel: Formatage de carte mémoire SD TOSHIBA
O42 - Logiciel: GTA San Andreas
O42 - Logiciel: Gestion d'énergie TOSHIBA
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: InterVideo WinDVD for TOSHIBA
O42 - Logiciel: IsoBuster 1.9
O42 - Logiciel: J2SE Runtime Environment 5.0
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Logitech Audio Echo Cancellation Component
O42 - Logiciel: Logitech QuickCam
O42 - Logiciel: Logitech Video Enumerator
O42 - Logiciel: MSN
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB925672)
O42 - Logiciel: MSXML 4.0 SP2 (KB927978)
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML4 Parser
O42 - Logiciel: Macromedia Flash Player
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Manuels TOSHIBA
O42 - Logiciel: Matroska Pack (remove only)
O42 - Logiciel: Menus intelligents (Windows Live Toolbar)
O42 - Logiciel: MestReC 4.5.9.1
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Microsoft LifeCam
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Microsoft Office Click-to-Run 2010 (Beta)
O42 - Logiciel: Microsoft Office Home and Business 2010 (Beta) - Français
O42 - Logiciel: Microsoft Office OneNote 2003
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: NGO ATI Optimized Driver v1.5.7
O42 - Logiciel: NGO ATI Optimized Driver v1.5.8
O42 - Logiciel: NGO ATI Optimized Driver v2.5.6
O42 - Logiciel: Navigation par onglets (Windows Live Toolbar)
O42 - Logiciel: Nero 6 Ultra Edition
O42 - Logiciel: Notebook Hardware Control 2.0 Pre-Release-03
O42 - Logiciel: Orange - Logiciels Internet
O42 - Logiciel: Outil de diagnostic PC TOSHIBA
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PDFCreator
O42 - Logiciel: Programme de gestion Camera de Logitech®
O42 - Logiciel: PunkBuster Services
O42 - Logiciel: QuickTime
O42 - Logiciel: Radeon Omega Drivers v3.8.205 Setup Files and Tools
O42 - Logiciel: Réducteur de bruit lect. CD/DVD
O42 - Logiciel: SD Secure Module
O42 - Logiciel: SMSC IrCC V5.1.3600.5
O42 - Logiciel: Satsuki Decoder Pack
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Shockwave
O42 - Logiciel: Skype™ 4.0
O42 - Logiciel: Son virtuel TOSHIBA
O42 - Logiciel: SopCast 3.0.1
O42 - Logiciel: SoundMAX
O42 - Logiciel: Spybot - Search & Destroy 1.4
O42 - Logiciel: Synaptics Pointing Device Driver
O42 - Logiciel: TOEIC Mastery
O42 - Logiciel: TOSHIBA ConfigFree
O42 - Logiciel: TOSHIBA Hotkey Utility
O42 - Logiciel: TOSHIBA Software Modem
O42 - Logiciel: TOSHIBA TouchPad ON/Off Utility
O42 - Logiciel: TOSHIBA Utilities
O42 - Logiciel: TVAnts 1.0
O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers.
O42 - Logiciel: Touch and Launch
O42 - Logiciel: TuneUp Companion 1.5.10
O42 - Logiciel: TuneUp Utilities 2006
O42 - Logiciel: Téléphone sur PC 1.0.0
O42 - Logiciel: UMVPLStandalone
O42 - Logiciel: Utilitaire de zoom TOSHIBA
O42 - Logiciel: Veetle TV 0.9.15
O42 - Logiciel: VideoLAN VLC media player 0.8.5
O42 - Logiciel: VobSub v2.23 (Remove Only)
O42 - Logiciel: Vuze
O42 - Logiciel: Web media Player 0.62
O42 - Logiciel: Windows Internet Explorer 8
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: iTunes
O42 - Logiciel: pdfforge Toolbar v1.1.2

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\ACDFree
O43 - CFD:Common File Directory ----D- C:\Program Files\ACE Mega CoDecS Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Activision
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\adslTV
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\American Language Academy
O43 - CFD:Common File Directory ----D- C:\Program Files\Analog Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\AntiVir PersonalEdition Classic
O43 - CFD:Common File Directory ----D- C:\Program Files\Application Updater
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AVIcodec
O43 - CFD:Common File Directory ----D- C:\Program Files\Azureus
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Davilex Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Diskeeper Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\EA SPORTS
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Gabest
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\InterVideo
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Matroska Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\MediaCoder
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\MestRe-C
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Application Virtualization Client
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\NGO ATI Optimized Driver v2.5.6
O43 - CFD:Common File Directory ----D- C:\Program Files\Notebook Hardware Control
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Orange
O43 - CFD:Common File Directory ----D- C:\Program Files\Orange HSS
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator
O43 - CFD:Common File Directory ----D- C:\Program Files\pdfforge Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Radeon Omega Drivers
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Rockstar Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Satsuki Decoder Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects
O43 - CFD:Common File Directory ----D- C:\Program Files\SopCast
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy2
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro
O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2006
O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUpMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\TVAnts
O43 - CFD:Common File Directory ----D- C:\Program Files\Ubisoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Veetle
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Web media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DirectX
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\eSellerate
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.BA1E1E20A2FF9FC94338FF5FA351442A] - 20/02/2010 - 21:10:05 ---A- C:\ZHPExportRegistry-20-02-2010-21-10-05.txt
O44 - LFC:[MD5.00000000000000000000000000000000] - 20/02/2010 - 20:28:35 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 20/02/2010 - 20:28:03 ---A- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
O44 - LFC:[MD5.964FA6476C47F647E2D7F44A12801F75] - 20/02/2010 - 20:27:56 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:[MD5.00000000000000000000000000000000] - 20/02/2010 - 20:27:40 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 20/02/2010 - 20:27:39 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/02/2010 - 20:26:19 ---A- C:\WINDOWS\0.log
O44 - LFC:[MD5.0877AC09CAA217471589644C398FA572] - 20/02/2010 - 20:26:07 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:[MD5.00000000000000000000000000000000] - 19/02/2010 - 15:47:01 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:[MD5.6E4B51D75AA81C2CA0170CA990B772C8] - 19/02/2010 - 14:55:30 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 17/02/2010 - 22:57:56 ---A- C:\WINDOWS\NeroDigital.ini
O44 - LFC:[MD5.83DFEF0DB14405475BCC1E27D7C37581] - 30/01/2010 - 20:43:01 ---A- C:\WINDOWS\wmsetup.log

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "C:\Program Files\EA SPORTS\FIFA 07\fifa07.exe"="C:\Program Files\EA SPORTS\FIFA 07\fifa07.exe:*:Enabled:fifa07"
O47 - AAKE:Key Export SP - "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
O47 - AAKE:Key Export SP - "C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
O47 - AAKE:Key Export SP - "C:\Program Files\PeerTV\PeerCast.exe"="C:\Program Files\PeerTV\PeerCast.exe:*:Disabled:PeerCast"
O47 - AAKE:Key Export SP - "C:\Program Files\PeerTV\VLC\vlc.exe"="C:\Program Files\PeerTV\VLC\vlc.exe:*:Disabled:VLC media player"
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
O47 - AAKE:Key Export SP - "C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
O47 - AAKE:Key Export SP - "C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood"
O47 - AAKE:Key Export SP - "C:\Program Files\Zattoo\Zattoo2.exe"="C:\Program Files\Zattoo\Zattoo2.exe:*:Enabled: "
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe"="C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe:*:Enabled:TelephoneSurPC"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
O47 - AAKE:Key Export SP - "C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange HSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
littelou
Libellulien Junior

Posts: 161
Joined: 23 Jul 2008 17:06

Re: request for analysis of a HijackThis scan! Thanks

Post by littelou » 20 Feb 2010 21:20

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nm.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{74fdb453-f48b-11dd-a88c-0013ce228107}\Shell\AutoRun\command - F:\WDSetup.exe
O51 - MPSK:{d6d24a60-f3a8-11dd-a88a-0013ce228107}\Shell\AutoRun\command - H:\WDSetup.exe

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.VP31"="vp31vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.MPG4"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.MP42"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo"="vfwwdm32.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave9"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer9"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux5"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux6"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux7"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi9"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux8"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux9"="wdmaud.drv"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Vidéo WDM pour le pilote de capture Windows (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="IMA ADPCM CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="ADPCM CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="CCITT G.711 A-Law and u-Law CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="GSM 6.10 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="TrueSpeech(TM) Software CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="Cinepak (TM)"
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="Microsoft H.263"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="Indeo (TM) R3.2"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="Indeo® Video 4.5"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="Indeo(R) Video YUV Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="RLE"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="Video 1"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="Microsoft YVYU Video Decompressor"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="Toshiba Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="Microsoft G.723.1"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="Microsoft H.261"
O52 - TDSD:HKLM\...\drivers.desc\"iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoCDBurning"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.C0BB7D1615E1ACBDC99757F6CEAF8CF0] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:[MD5.CA33832DF41AFB202EE7AEB05145922F] - 13/04/2008 - 19:46:18 ---A- C:\WINDOWS\system32\drivers\ohci1394.sys
O58 - SDL:[MD5.4BB30DDC53EBC76895E38694580CDFE9] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:[MD5.CECB679633523AC5EB7EB85F92DCD806] - 14/04/2008 - 03:09:37 ---A- C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - 14/04/2008 - 03:09:40 ---A- C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:[MD5.BEB3BA25197665D82EC7065B724171C6] - 13/04/2008 - 19:40:49 ---A- C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:[MD5.9575C5630DB8FB804649A6959737154C] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:[MD5.043410877BDA580C528F45165F7125BC] - 14/04/2008 - 03:09:47 ---A- C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:[MD5.F4BFDE7209C14A07AAA61E4D6AE69EAC] - 23/08/2001 - 17:15:46 ---A- C:\WINDOWS\system32\drivers\pciide.sys
O58 - SDL:[MD5.52E60F29221D0D1AC16737E8DBF7C3E9] - 13/04/2008 - 19:40:29 ---A- C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:[MD5.F0406CBC60BDB0394A0E17FFB04CDD3D] - 14/04/2008 - 03:09:53 ---A- C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:[MD5.D929E935C140025C18678E6E97A75471] - 25/03/2009 - 20:06:02 ---A- C:\WINDOWS\system32\drivers\PnkBstrK.sys
O58 - SDL:[MD5.E82A496C3961EFC6828B508C310CE98F] - 13/04/2008 - 20:19:41 ---A- C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:[MD5.E19C9632AC828F6F214391E2BDDA11CB] - 14/04/2008 - 02:55:30 ---A- C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:[MD5.09298EC810B07E5D582CB3A3F9255424] - 13/04/2008 - 19:56:38 ---A- C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.0C8DA0A8B0D227319C285E0EAE65DEFD] - 03/11/2005 - 03:00:00 ---A- C:\WINDOWS\system32\drivers\pxhelp20.sys
O58 - SDL:[MD5.FE0D99D6F31E4FAD8159F690D68DED9C] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:[MD5.0207D26DDF796A193CCD9F83047BB5FC] - 17/08/2001 - 22:51:32 ---A- C:\WINDOWS\system32\drivers\rasirda.sys
O58 - SDL:[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - 13/04/2008 - 20:19:43 ---A- C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:[MD5.5BC962F2654137C9909C3D4603587DEE] - 13/04/2008 - 19:57:32 ---A- C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:[MD5.EFEEC01B1D3CF84F16DDD24D9D9D8F99] - 13/04/2008 - 20:19:48 ---A- C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:[MD5.FDBB1D60066FCFBB7452FD8F9829B242] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:[MD5.01524CD237223B18ADBB48F70083F101] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:[MD5.7AD224AD1A1437FE28D89CF22B17780A] - 13/04/2008 - 20:28:39 ---A- C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:[MD5.4912D5B403614CE99C28420F75353332] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:[MD5.15CABD0F7C00C47C70124907916AF3F1] - 13/04/2008 - 19:32:51 ---A- C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:[MD5.6728E45B66F93C08F11DE2E316FC70DD] - 14/04/2008 - 03:34:54 ---A- C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - 14/04/2008 - 02:57:34 ---A- C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:[MD5.96F7A9A7BF0C9C0440A967440065D33C] - 08/05/2008 - 15:02:52 ---A- C:\WINDOWS\system32\drivers\rmcast.sys
O58 - SDL:[MD5.601844CBCF617FF8C868130CA5B2039D] - 13/04/2008 - 19:56:49 ---A- C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:[MD5.D8B0B4ADE32574B2D9C5CC34DC0DBBE7] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:[MD5.76C465F570E90C28942D52CCB2580A10] - 13/04/2008 - 19:40:30 ---A- C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:[MD5.8D04819A3CE51B9EB47E5689B44D43C4] - 13/04/2008 - 19:36:44 ---A- C:\WINDOWS\system32\drivers\sdbus.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.0F29512CCD6BEAD730039FB4BD2C85CE] - 13/04/2008 - 19:40:12 ---A- C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:[MD5.93D313C31F7AD9EA2B75F26075413C7C] - 14/04/2008 - 03:00:08 ---A- C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:[MD5.4C0D673281178CB496011A2E28571FC8] - 10/08/2005 - 13:44:04 ---A- C:\WINDOWS\system32\drivers\sfdrv01.sys
O58 - SDL:[MD5.0FA803C64DF0914B41F807EA276BF2A6] - 13/04/2008 - 19:40:47 ---A- C:\WINDOWS\system32\drivers\sffdisk.sys
O58 - SDL:[MD5.C17C331E435ED8737525C86A7557B3AC] - 13/04/2008 - 19:40:47 ---A- C:\WINDOWS\system32\drivers\sffp_sd.sys
O58 - SDL:[MD5.15BE2B5E4DC5B8623CF167720682ABC9] - 16/05/2005 - 14:20:39 ---A- C:\WINDOWS\system32\drivers\sfhlp02.sys
O58 - SDL:[MD5.8E6B8C671615D126FDC553D1E2DE5562] - 13/04/2008 - 19:40:48 ---A- C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:[MD5.1F13F3C7907588D017299B008EEED06C] - 23/09/2009 - 15:05:06 ---A- C:\WINDOWS\system32\drivers\Sftredirxp.sys
O58 - SDL:[MD5.D5A7E09D2C6A702809E49190D52ADC9F] - 03/11/2005 - 15:40:07 ---A- C:\WINDOWS\system32\drivers\sfvfs02.sys
O58 - SDL:[MD5.866D538EBE33709A5C9F5C62B73B7D14] - 13/04/2008 - 19:46:23 ---A- C:\WINDOWS\system32\drivers\slip.sys
O58 - SDL:[MD5.A8EB0AA07632A4C936FF6F8EDA5BDEAD] - 16/06/2004 - 11:19:58 ---A- C:\WINDOWS\system32\drivers\smcirda.sys
O58 - SDL:[MD5.017DAECF0ED3AA731313433601EC40FA] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:[MD5.014AB093E6452EA88031BB6E22919BB5] - 01/09/2004 - 11:17:46 ---A- C:\WINDOWS\system32\drivers\smwdm.sys
O58 - SDL:[MD5.489703624DAC94ED943C2ABDA022A1CD] - 13/04/2008 - 19:46:07 ---A- C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:[MD5.AB8B92451ECB048A4D1DE7C3FFCB4A9F] - 13/04/2008 - 19:45:07 ---A- C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:[MD5.00000000000000000000000000000000] - 25/01/2007 - 03:17:41 ---A- C:\WINDOWS\system32\drivers\sptd.sys
O58 - SDL:[MD5.39626E6DC1FB39434EC40C42722B660A] - 14/04/2008 - 03:10:03 ---A- C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:[MD5.3BB03F2BA89D2BE417206C373D2AF17C] - 11/12/2008 - 11:57:09 ---A- C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:[MD5.3D2829FDE1C52FC64DA5413889CE4DEE] - 01/05/2007 - 20:00:40 ---A- C:\WINDOWS\system32\drivers\ssmdrv.sys
O58 - SDL:[MD5.3E5D89099DED9E86E5639F411693218F] - 13/04/2008 - 19:45:15 ---A- C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:[MD5.77813007BA6265C4B6098187E6ED79D2] - 13/04/2008 - 19:46:21 ---A- C:\WINDOWS\system32\drivers\streamip.sys
O58 - SDL:[MD5.3941D127AEF12E93ADDF6FE6EE027E0F] - 13/04/2008 - 19:39:53 ---A- C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:[MD5.8CE882BCC6CF8A62F2B2323D95CB3D01] - 13/04/2008 - 19:45:09 ---A- C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:[MD5.F6770219B73BD989D5613D2E9C78A227] - 14/10/2004 - 23:14:04 ---A- C:\WINDOWS\system32\drivers\SynTP.sys
O58 - SDL:[MD5.8B83F3ED0F1688B4958F77CD6D2BF290] - 13/04/2008 - 20:15:55 ---A- C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:[MD5.FD6093E3DECD925F1CFFC8A0DD539D72] - 13/04/2008 - 19:40:50 ---A- C:\WINDOWS\system32\drivers\tape.sys
O58 - SDL:[MD5.9AEFA14BD6B182D61E3119FA5F436D3D] - 20/06/2008 - 12:51:12 ---A- C:\WINDOWS\system32\drivers\tcpip.sys
O58 - SDL:[MD5.FB9F32ACC1D3AD523F7EC900B66FC1BB] - 20/06/2008 - 12:08:27 ---A- C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:[MD5.0539D5E53587F82D1B4FD74C5BE205CF] - 13/04/2008 - 20:00:05 ---A- C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:[MD5.6471A66807F5E104E4885F5B67349397] - 14/04/2008 - 03:34:52 ---A- C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:[MD5.C56B6D0402371CF3700EB322EF3AAF61] - 14/04/2008 - 03:34:53 ---A- C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:[MD5.88155247177638048422893737429D9E] - 14/04/2008 - 03:34:52 ---A- C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:[MD5.467FF7FB078DCEC24C3F4DB602190E3D] - 13/09/2004 - 21:40:56 ---A- C:\WINDOWS\system32\drivers\tifm21.sys
O58 - SDL:[MD5.78E9819E076B909541BD4A37F8F0668B] - 08/04/2003 - 05:51:58 ---A- C:\WINDOWS\system32\drivers\tosbtsd2.sys
O58 - SDL:[MD5.142B91503C45C1A05A355414E13A51D1] - 31/08/2004 - 00:27:28 ---A- C:\WINDOWS\system32\drivers\tosdbt.sys
O58 - SDL:[MD5.699450901C5CCFD82357CBC531CEDD23] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:[MD5.62C57E7411B5F20980E70530CA69D5A7] - 16/10/2002 - 21:55:48 ---A- C:\WINDOWS\system32\drivers\Toshidpt.sys
O58 - SDL:[MD5.F3DB7683C34FCF389976DDF34AC6C718] - 02/08/2004 - 23:13:04 ---A- C:\WINDOWS\system32\drivers\Tosporte.sys
O58 - SDL:[MD5.E53CB56E8CE6D5F74A8479FAF4FF8961] - 23/10/2004 - 06:18:32 ---A- C:\WINDOWS\system32\drivers\TosRfbd.sys
O58 - SDL:[MD5.FE200EECE7521061CDAD658C6EE4F341] - 09/07/2004 - 01:07:32 ---A- C:\WINDOWS\system32\drivers\tosrfbnp.sys
O58 - SDL:[MD5.8EF8069EC1FDE5D924CBD9348F4787F8] - 19/04/2004 - 20:02:48 ---A- C:\WINDOWS\system32\drivers\tosrfcom.sys
O58 - SDL:[MD5.CC42FDBE9760CA1639E23158AB995F98] - 17/05/2004 - 23:18:24 ---A- C:\WINDOWS\system32\drivers\Tosrfec.sys
O58 - SDL:[MD5.66E443CE97A3270C977EA21ABBE8E42D] - 09/11/2004 - 04:01:30 ---A- C:\WINDOWS\system32\drivers\TosRfhid.sys
O58 - SDL:[MD5.AE5B75C86574A1BD0A093A9159F829F9] - 08/02/2002 - 00:24:20 ---A- C:\WINDOWS\system32\drivers\tosrflan.sys
O58 - SDL:[MD5.6C3B5204EA0CD610C847A6834913BC4E] - 06/05/2004 - 22:35:08 ---A- C:\WINDOWS\system32\drivers\tosrfnds.sys
O58 - SDL:[MD5.87031831486F7ED4EAFEF27125BB56C8] - 02/08/2002 - 05:53:22 ---A- C:\WINDOWS\system32\drivers\TosRFPCC.sys
O58 - SDL:[MD5.12DC9BFBC63E9E60D68CCB1E966E6AEF] - 18/10/2004 - 17:42:34 ---A- C:\WINDOWS\system32\drivers\TosRfSnd.sys
O58 - SDL:[MD5.9E8FC547B882B68006D935589110CFE0] - 26/10/2004 - 02:05:24 ---A- C:\WINDOWS\system32\drivers\tosrfusb.sys
O58 - SDL:[MD5.306E19413EADB0CA8842D5381A0354FC] - 01/07/2003 - 20:52:28 ---A- C:\WINDOWS\system32\drivers\tostrans.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.342574B9CE3ADEE78CB5D7D67C0B911E] - 28/07/2004 - 14:26:34 ---A- C:\WINDOWS\system32\drivers\TSXT_kern_i386.sys
O58 - SDL:[MD5.8F861EDA21C05857EB8197300A92501C] - 13/04/2008 - 19:56:01 ---A- C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:[MD5.2FA539E0701CBAB260A055749D245620] - 26/11/2004 - 13:04:38 ---A- C:\WINDOWS\system32\drivers\Tvs.sys
O58 - SDL:[MD5.5787B80C2E3C5E2F56C2A233D91FA2C9] - 13/04/2008 - 19:32:36 ---A- C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:[MD5.402DDC88356B1BAC0EE3DD1580C76A31] - 13/04/2008 - 19:39:46 ---A- C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:[MD5.BEE793D4A059CAEA55D6AC20E19B3A8F] - 13/04/2008 - 19:56:49 ---A- C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:[MD5.1DF89C499BF45D878B87EBD4421D462D] - 28/08/2009 - 18:42:52 ---A- C:\WINDOWS\system32\drivers\usbaapl.sys
O58 - SDL:[MD5.E919708DB44ED8543A7C017953148330] - 13/04/2008 - 19:45:12 ---A- C:\WINDOWS\system32\drivers\usbaudio.sys
O58 - SDL:[MD5.1C1A47B40C23358245AA8D0443B6935E] - 13/04/2008 - 19:45:40 ---A- C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:[MD5.CE97845D2E3F0D274B8BAC1ED07C6149] - 13/04/2008 - 19:45:41 ---A- C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:[MD5.173F317CE0DB8E21322E71B7E60A27E8] - 13/04/2008 - 19:45:39 ---A- C:\WINDOWS\system32\drivers\usbccgp.sys
O58 - SDL:[MD5.596EB39B50D6EBD9B734DC4AE0544693] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:[MD5.65DCF09D0E37D4C6B11B5B0B76D470A7] - 13/04/2008 - 19:45:35 ---A- C:\WINDOWS\system32\drivers\usbehci.sys
O58 - SDL:[MD5.1AB3CDDE553B6E064D2E754EFE20285C] - 13/04/2008 - 19:45:37 ---A- C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:[MD5.290913DC4F1125E5A82DE52579A44C43] - 13/04/2008 - 19:45:43 ---A- C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:[MD5.791912E524CC2CC6F50B5F2B52D1EB71] - 13/04/2008 - 19:45:36 ---A- C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:[MD5.A717C8721046828520C9EDF31288FC00] - 13/04/2008 - 19:47:37 ---A- C:\WINDOWS\system32\drivers\usbprint.sys
O58 - SDL:[MD5.A0B8CF9DEB1184FBDD20784A58FA75D4] - 13/04/2008 - 19:45:34 ---A- C:\WINDOWS\system32\drivers\usbscan.sys
O58 - SDL:[MD5.A32426D9B14A089EAA1D922E0C5801A9] - 13/04/2008 - 19:45:38 ---A- C:\WINDOWS\system32\drivers\usbstor.sys
O58 - SDL:[MD5.26496F9DEE2D787FC3E61AD54821FFE6] - 13/04/2008 - 19:45:35 ---A- C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.0D3A8FAFCEACD8B7625CD549757A7DF1] - 13/04/2008 - 19:44:40 ---A- C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:[MD5.E28726B72C46821A28830E077D39A55B] - 13/04/2008 - 19:44:40 ---A- C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:[MD5.46DE1126684369BACE4849E4FC8C43CA] - 14/04/2008 - 02:56:04 ---A- C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:[MD5.13ACFED0E6ADCA97440169DFD127EBCF] - 10/04/2007 - 22:46:48 R--A- C:\WINDOWS\system32\drivers\VX3000.sys
O58 - SDL:[MD5.C89DA341FCC883A3D79DC11727484FC2] - 30/10/2004 - 02:48:10 ---A- C:\WINDOWS\system32\drivers\w29n51.sys
O58 - SDL:[MD5.E20B95BAEDB550F32DD489265C1DA1F6] - 13/04/2008 - 19:57:21 ---A- C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:[MD5.6768ACF64B18196494413695F0C3A00F] - 13/04/2008 - 20:17:18 ---A- C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:[MD5.2F31B7F954BED437F2C75026C65CAF7B] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:[MD5.97EB24F1A5C3E78A61158B2531D61BA4] - 21/05/2004 - 09:16:10 ---A- C:\WINDOWS\system32\drivers\WOWXT_kern_i386.sys
O58 - SDL:[MD5.CF4DEF1BF66F06964DC0D91844239104] - 18/10/2006 - 20:00:00 ---A- C:\WINDOWS\system32\drivers\wpdusb.sys
O58 - SDL:[MD5.6ABE6E225ADB5A751622A9CC3BC19CE8] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\drivers\ws2ifsl.sys
O58 - SDL:[MD5.C98B39829C2BBD34E454150633C62C78] - 13/04/2008 - 19:46:24 ---A- C:\WINDOWS\system32\drivers\wstcodec.sys
O58 - SDL:[MD5.BAC4E920C920168C302C90C0F37740F6] - 26/11/2004 - 15:29:00 ---A- C:\WINDOWS\system32\drivers\yk51x86.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.67C48B04DE79D5E483B19032B30ADD99] - 23/11/2005 - 07:48:35 ---A- C:\WINDOWS\system32\atiicdxx.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 12:00:00 ---A- C:\WINDOWS\system32\ntio804.sys
O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 06/11/2008 - 17:53:02 ---A- C:\WINDOWS\system32\pcampr5.sys
O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 06/11/2008 - 17:53:02 ---A- C:\WINDOWS\system32\pcandis5.sys
O58 - SDL:[MD5.9A10AACBFDC4922715375FB4065EC930] - 13/04/2008 - 19:44:59 ---A- C:\WINDOWS\system32\watchdog.sys
O58 - SDL:[MD5.E2D4E6609DCF4175FCC8BCA489F28D9C] - 19/04/2009 - 20:50:30 ---A- C:\WINDOWS\system32\win32k.sys

---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: ZHPDiag 1.24

---\\ Liste des services Legacy (LALS) (O64)


End of the scan: 1235 lines

Re: request for HijackThis scan analysis! thanks

Post by Florinator » 20 Feb 2010 22:56

Hello Littelou,

If by "cleaning up" you mean formatting your USB keys, you did the right thing.
If you only emptied them, you will need to format them while they are empty.
We have one small thing left to remove:

Download Toolbar S/D, created by Eric_71, to your desktop.

  • Double-click it; a shortcut will be added to the Desktop.
  • Double-click the shortcut to start the tool, and choose the language.
  • Choose option 2, then confirm to start the removal.
  • Wait until it finishes.
  • Copy and paste the report that opens into your next reply.

Note: The report can also be found at: C:\TB.txt

See you,
Knowledge is only useful if it is passed on.

Re: request for HijackThis scan analysis! thanks

Post by littelou » 21 Feb 2010 23:03

I did indeed empty my USB keys but haven't formatted them yet; I'll do it later!
Here is the report:

-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.80GHz )
BIOS : Insyde Software MobilePRO BIOS Version 4.20.09
USER : Xavier ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 6.38.1.87
(Activated)
C:\ (Local Disk) - NTFS - Total:92 Go (Free:10 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
Q:\ (Local Disk)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 21/02/2010|23:00 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Xavier\APPLIC~1\Search Settings\kb130
Supprime! - C:\DOCUME~1\Xavier\APPLIC~1\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://yahoo.fr/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 21/02/2010|23:02 - Option : [2]

-----------\\ Fin du rapport a 23:02:17,94

Re: request for HijackThis scan analysis! thanks

Post by Florinator » 22 Feb 2010 10:01

Hello Littelou,

You should know that a USB infection can come from a key other than your own, and that it will contaminate both your system and any other removable media that get plugged in, whether on your PC or another one.
These infections spread through what is called an Autorun; this function is triggered when you double-click a drive, and so releases the infection.
To avoid executing this autorun, you can right-click and then choose "Explore", which is handy when you are not sure about the contents of the key or media being plugged into your PC.
On top of that, emptying and formatting a key from time to time does no harm.
I'll let you read this; take your time, it's very interesting.

Tell me if you have any other problems on your machine?

See you,
Knowledge is only useful if it is passed on.
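
The Autorun function described in the post above is driven by an autorun.inf file at the root of the drive. The following Python code is an added example, not part of the thread and not taken from any tool mentioned in it: it lists the entries of such a file that would start a program, so a key can be checked before it is opened. The sample file content and the function names are constructed for illustration.

```python
import re

# [autorun] keys that name a program for Windows to start from the drive.
EXEC_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.IGNORECASE)

# Constructed sample of an autorun.inf found at the root of a USB key.
SAMPLE_AUTORUN = r"""
;x9Qw junk comment line
[AutoRun]
Icon = folder.ico
Label=My photos
qJ3k2 junk without a key
OPEN=hidden\setup.exe
shell\open\Command = hidden\setup.exe /quiet
[Other]
open=ignored.exe
"""

def find_autorun_commands(text):
    """Return (key, command) pairs from the [autorun] section that launch a program."""
    hits = []
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue                      # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            # Section names are compared case-insensitively, as Windows does.
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue                      # other section, or junk padding
        key, value = (part.strip() for part in line.split("=", 1))
        if EXEC_KEY.match(key) and value:
            hits.append((key.lower(), value))
    return hits

def is_suspicious(text):
    """A data-only USB key has no reason to carry launch commands."""
    return bool(find_autorun_commands(text))

if __name__ == "__main__":
    for key, command in find_autorun_commands(SAMPLE_AUTORUN):
        print(f"{key} -> {command}")
```

A file that only sets an icon or a label is not flagged; any entry returned here is worth inspecting before the drive is opened by double-click.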