Unwanted windows with FF v. 3.6

Post by guy-pierre » 29 Jan 2010 18:45

Hello,
a small problem after moving to Firefox 3.6. Let me explain:
I was on version 3.5.7 and moved to 3.6 two days ago. I don't know whether it's a coincidence, but windows have been inviting themselves in without being asked: first the site "www.planet49.com" and then the page "http://omega365.ru/lib2/yearsTend.class" (which seems more worrying to me). In fact, when that one appeared, my antivirus reacted and quarantined it. So I got a bit worried and ran my PC through the mill of my security software (nod32/MBAM/Spybot/ccleaner). They found a few extra delights: Trojan.Agent (xebk.ex in system32) and also Security.Hijack in the registry. As for Omega365, Nod32 tells me it is probably a variant of Java/TrojanDownloader.Agent.AB.
All of this has been removed or stopped, but I'm afraid other unwanted windows will open soon.
And there I was thinking that with all these tools my PC was a real safe :roll: . But apparently a few nasties got in through the keyhole.
I should add that I have Comodo as my firewall and that I'm on XP.

Is it serious, doctor? Should I paste a HijackThis report? Thanks for a little help.... :)

I'm coming back to my post because I've just noticed that I've caught an 888.com trojan.
So at every Internet connection a page for an online game opens. I'm attaching the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:08, on 29/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\HP\KBD\KBD.EXE
C:\Programme\Eset\nod32kui.exe
C:\Programme\Comodo\Firewall\CPF.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
C:\Programme\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programme\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\PSIService.exe
C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Programme\Raxco\PerfectDisk10\PDEngine.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Outils\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: t-com.lnk = ?
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 2325786494
O17 - HKLM\System\CCS\Services\Tcpip\..\{388D20A8-304B-4C2B-A91F-D8D6F9095206}: NameServer = 217.0.43.161 217.0.43.177
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - T-Systems Enterprise Services GmbH - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programme\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: T-DSL Manager (TDslMgrService) - T-Systems - C:\Programme\T-DSL Manager\DslMgrSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5653 bytes
guy-pierre

Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted windows with FF v. 3.6

Post by Florinator » 30 Jan 2010 15:21

Hello Guy pierre,

From your log, I suspect a DNS hijack that is sending you through servers in Germany on every page you visit, which would be the cause of the unwanted pages.
Can you give me the name of your Internet service provider, please?

Edit: After another read, I notice that German providers are not unknown to you ("T-Systems Enterprise Services GmbH"); I'm waiting for your confirmation before we dig further.

See you later
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien

Posts: 661
Joined: 28 Dec 2009 16:19
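
An added example, not part of any post in this thread: a Python version of the check discussed above, which reads the O17 `NameServer` entries of a HijackThis log and compares each resolver with the networks the user's own provider is expected to hand out. The function names, the expected networks and the sample log are assumptions constructed for illustration (documentation address ranges), not values from the thread.

```python
import ipaddress
import re

# Constructed sample in HijackThis line format. The addresses are RFC 5737
# documentation ranges and the GUID is made up for the example.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Example] C:\Example\example.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{11111111-2222-3333-4444-555555555555}: NameServer = 192.0.2.53 198.51.100.7
O17 - HKLM\System\CS1\Services\Tcpip\..\{11111111-2222-3333-4444-555555555555}: NameServer = 192.168.1.1,not-an-ip
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = example.lan
"""

# Line shape: "O17 - <registry key>: <setting> = <value>"
O17_RE = re.compile(r"^O17 - (?P<key>.+): (?P<setting>\w+) = (?P<value>.*)$")

# RFC 1918 ranges: a resolver in one of these is usually the home router.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_o17(log_text):
    """Return (key, setting, value) for every O17 line in the log."""
    entries = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if m:
            entries.append((m["key"], m["setting"], m["value"].strip()))
    return entries


def classify_resolver(addr, expected_networks):
    """Classify one resolver address against analyst-supplied networks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"          # not an IP address at all
    if any(ip in net for net in expected_networks):
        return "expected"         # inside the provider ranges given by the analyst
    if any(ip in net for net in RFC1918):
        return "lan"              # local router acting as resolver
    return "unexpected"           # needs a manual look before any conclusion


def triage_dns(log_text, expected_cidrs):
    """Return (registry key, address, verdict) for each configured resolver."""
    expected = [ipaddress.ip_network(c) for c in expected_cidrs]
    findings = []
    for key, setting, value in parse_o17(log_text):
        if setting.lower() != "nameserver":
            continue              # Domain / SearchList entries are not resolvers
        # HijackThis shows the raw registry value: space- or comma-separated.
        for addr in re.split(r"[,\s]+", value):
            if addr:
                findings.append((key, addr, classify_resolver(addr, expected)))
    return findings


if __name__ == "__main__":
    # "192.0.2.0/24" stands in for the provider's resolver range (assumption).
    for key, addr, verdict in triage_dns(SAMPLE_LOG, ["192.0.2.0/24"]):
        print(f"{verdict:10} {addr:15} {key}")
```

An `unexpected` verdict only means the address should be checked against the provider's resolvers before concluding anything, which is why the helper asks for the provider's name first.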

Re: Unwanted windows with FF v. 3.6

Post by guy-pierre » 30 Jan 2010 16:26

Hello,

er... I live in Germany :) . My provider is T-Com.
Sorry, maybe I should have mentioned that.
guy-pierre

Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted windows with FF v. 3.6

Post by Florinator » 30 Jan 2010 16:31

Re,

No problem, it's better this way :supers:
We'll dig a little further to make sure everything has been removed:

Download RSIT, created by Random/random

  • Save it to your desktop
  • Double-click it
  • Click Continue on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.

  • Post the contents of log.txt, which will be displayed
  • Post the contents of info.txt, which will be minimized in the taskbar.

Note: Both reports are also located in C:/Rsit

See you later
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien

Posts: 661
Joined: 28 Dec 2009 16:19

Re: Unwanted windows with FF v. 3.6

Post by guy-pierre » 30 Jan 2010 17:29

ok.. here is the log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by guy at 2010-01-30 17:26:26
Microsoft Windows XP Professional Service Pack 2
System drive C: has 181 GB (77%) free of 236 GB
Total RAM: 1023 MB (47% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for guy .job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-28 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"nod32kui"=C:\Programme\Eset\nod32kui.exe [2006-11-05 917504]
"COMODO Firewall Pro"=C:\Programme\Comodo\Firewall\CPF.exe [2008-01-31 1115728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-06 8523776]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!CleanupNetMeetingDispDriver]
msconf.dll,CleanupNetMeetingDispDriver 0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [2006-11-06 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMIMZMHMFM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cloneur Expert Monitor]
C:\Programme\Micro Application\Cloneur Expert\TrueImageMonitor.exe [2006-11-06 443116]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]
C:\WINDOWS\Dit.exe [2004-04-02 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
dxdllreg.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\East-Tec Eraser 2006]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\East-Tec Eraser 2009]
C:\Programme\East-Tec Eraser 2009\etsecureerase.exe [2009-07-08 1376928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Programme\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Programme\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InnoSetupRegFile.0000000001]
C:\WINDOWS\is-CGNQ7.exe [2009-12-05 696832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe [2004-05-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Programme\LogMeIn\x86\LogMeInSystray.exe [2007-09-12 63048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVCOMS.EXE [2002-12-10 127022]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-10 185344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2007-11-06 8523776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Programme\Spybot\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Programme\uTorrent\uTorrent.exe [2009-12-10 289584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]

C:\Dokumente und Einstellungen\guy \Startmenü\Programme\Autostart
Stardock ObjectDock.lnk - C:\Programme\Stardock\ObjectDock\ObjectDock.exe
t-com.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-09-28 87352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe"="C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{503face7-da2e-11dd-9908-001109b33ea2}]
shell\AutoRun\command - Q:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fdf410d-4c6b-11d9-9fd4-806d6172696f}]
shell\AutoRun\command - hh start.chm


======List of files/folders created in the last 1 months======

2010-01-30 17:26:26 ----DC---- C:\rsit
2010-01-29 14:33:01 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\QuickScan
2010-01-29 05:14:03 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\Adobe
2010-01-28 18:58:46 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
2010-01-28 18:58:43 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\java.exe
2010-01-27 18:11:26 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\Real
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-01-26 17:26:15 ----D---- C:\Programme\Blu-ray to DVD Pro
2010-01-24 11:44:36 ----D---- C:\Programme\TomTom DesktopSuite
2010-01-24 10:28:22 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
2010-01-24 10:27:51 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\TomTom
2010-01-24 10:26:49 ----D---- C:\Programme\TomTom International B.V
2010-01-24 10:26:29 ----D---- C:\Programme\TomTom HOME 2
2010-01-23 11:36:19 ----D---- C:\Programme\DxO Labs
2010-01-23 06:34:49 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\DxO Labs
2010-01-23 06:31:27 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PACE Anti-Piracy
2010-01-23 06:31:27 ----D---- C:\Programme\Gemeinsame Dateien\PACE Anti-Piracy
2010-01-23 06:31:27 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\PACE Anti-Piracy
2010-01-17 07:59:16 ----D---- C:\Programme\Play+Smile
2010-01-06 16:04:17 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\FastStone
2010-01-06 16:03:32 ----D---- C:\Programme\FastStone Image Viewer
2010-01-06 12:21:29 ----D---- C:\Programme\Gemeinsame Dateien\PC Tools

======List of files/folders modified in the last 1 months======

2010-01-30 17:26:27 ----RD---- C:\Outils
2010-01-30 17:26:20 ----D---- C:\WINDOWS\Prefetch
2010-01-30 15:38:55 ----D---- C:\WINDOWS\Temp
2010-01-30 15:34:34 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\uTorrent
2010-01-30 11:58:49 ----A---- C:\WINDOWS\ChssBase.ini
2010-01-30 10:49:22 ----D---- C:\Programme\Mozilla Thunderbird
2010-01-30 01:07:52 ----D---- C:\WINDOWS
2010-01-29 17:49:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-29 17:49:51 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-29 17:36:06 ----ADC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2010-01-29 17:33:13 ----D---- C:\WINDOWS\Registration
2010-01-29 17:31:02 ----D---- C:\WINDOWS\system32\drivers
2010-01-29 17:31:02 ----D---- C:\WINDOWS\Config
2010-01-29 17:30:37 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-01-29 15:43:44 ----AD---- C:\WINDOWS\system32
2010-01-29 09:38:35 ----HD---- C:\WINDOWS\inf
2010-01-29 08:57:52 ----RD---- C:\Programme
2010-01-29 08:23:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-01-29 06:32:00 ----D---- C:\Programme\LogMeIn
2010-01-28 19:20:52 ----RSHC---- C:\boot.ini
2010-01-28 19:20:52 ----A---- C:\WINDOWS\win.ini
2010-01-28 19:20:52 ----A---- C:\WINDOWS\system.ini
2010-01-28 19:07:09 ----D---- C:\Programme\Java
2010-01-28 18:58:46 ----SHD---- C:\WINDOWS\Installer
2010-01-28 18:58:45 ----DC---- C:\Config.Msi
2010-01-28 18:58:43 ----D---- C:\Programme\Gemeinsame Dateien
2010-01-28 18:58:07 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-28 18:38:48 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS
2010-01-27 23:07:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-27 19:41:32 ----D---- C:\Programme\Mozilla Firefox
2010-01-27 18:11:15 ----D---- C:\Programme\Radio Fr Solo
2010-01-27 18:05:44 ----D---- C:\Programme\Real Alternative
2010-01-27 17:37:47 ----A---- C:\WINDOWS\Radio_Fr.ini
2010-01-27 05:35:27 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-27 05:00:47 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DVD Shrink
2010-01-27 00:23:50 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\Skype
2010-01-27 00:03:18 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\skypePM
2010-01-25 17:41:51 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\dvdcss
2010-01-24 20:40:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-24 14:00:21 ----RSD---- C:\WINDOWS\Fonts
2010-01-24 14:00:21 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2010-01-24 14:00:15 ----D---- C:\Programme\Microsoft Office
2010-01-24 14:00:05 ----D---- C:\Programme\MSECACHE
2010-01-24 07:47:16 ----ASDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2010-01-24 07:47:16 ----AD---- C:\Programme\Gemeinsame Dateien\System
2010-01-23 09:28:19 ----D---- C:\WINDOWS\I386
2010-01-23 09:25:24 ----SD---- C:\WINDOWS\Tasks
2010-01-23 08:54:16 ----D---- C:\WINDOWS\Driver Cache
2010-01-14 04:52:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-10 10:11:20 ----A---- C:\WINDOWS\Muxman.ini
2010-01-08 05:59:59 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-01-06 15:57:13 ----D---- C:\WINDOWS\WinSxS
2010-01-06 11:06:54 ----A---- C:\WINDOWS\wininit.ini
2010-01-06 09:36:19 ----D---- C:\WINDOWS\system32\config
2010-01-06 07:47:26 ----D---- C:\Dokumente und Einstellungen\guy \Anwendungsdaten\Corel
2010-01-04 18:19:37 ----D---- C:\Temp
2010-01-04 18:07:03 ----A---- C:\WINDOWS\MyDrivers.ini
2009-12-31 05:05:01 ----D---- C:\WINDOWS\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-11-04 43488]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2008-01-31 75520]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Programme\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 lusbaudio;Logitech USB Microphone; C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 34816]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2009-06-08 71696]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Programme\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2006-11-06 28928]
R3 3xHybrid;Pinnacle PCTV 300i Stereo DVB-T; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-10-21 949888]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2002-10-29 40960]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-04-05 13872]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-04-26 135168]
R3 HidIr;Microsoft Infrarot-HID-Treiber; C:\WINDOWS\system32\DRIVERS\hidir.sys [2004-08-10 17024]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2004-08-10 46208]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-09-12 10144]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-06 7429088]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-11-07 47360]
R3 QCEmerald;Logitech QuickCam Web(PID_0850); C:\WINDOWS\system32\DRIVERS\LVCE.sys [2002-06-10 44544]
R3 TSMPacket;T-DSL Manager Service; C:\WINDOWS\system32\DRIVERS\tsmpkt.sys [2006-12-01 13184]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S2 WBUSB;Winbond Generic USB Controller; C:\WINDOWS\System32\Drivers\WBUSB.sys [2003-10-03 13356]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; C:\WINDOWS\system32\drivers\Ad-Watch Real-Time Scanner.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Registry Filter.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 hcwPP2;Hauppauge WinTV PVR PCI II (26xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2004-08-27 116736]
S3 HdAudAddService;Microsoft UAA-Funktionstreiber für den High Definition Audio-Dienst; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-09-18 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-09-18 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-09-18 21488]
S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\T-COM\DSLCheck\PCANDIS5.SYS []
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-05-01 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [2006-11-06 155648]
R2 CmdAgent;Comodo Application Agent; C:\Programme\Comodo\Firewall\cmdagent.exe [2008-01-31 361040]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-10-01 195584]
R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-01-28 153376]
R2 MBAMService;MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
R2 NOD32krn;NOD32 Kernel Service; C:\Programme\Eset\nod32krn.exe [2006-11-05 495616]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-06 155716]
R2 PDAgent;PDAgent; C:\Programme\Raxco\PerfectDisk10\PDAgent.exe [2009-07-23 931080]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 ScsiAccess;ScsiAccess; C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe [2009-10-12 181312]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-08 604488]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
R3 PDEngine;PDEngine; C:\Programme\Raxco\PerfectDisk10\PDEngine.exe [2009-07-23 1033480]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 268800]
S2 TomTomHOMEService;TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HotSpotFSvc;Hotspot Manager; C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe [2006-12-12 212992]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPodService;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2004-05-06 401408]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-09-18 65795]
S3 TDslMgrService;T-DSL Manager; C:\Programme\T-DSL Manager\DslMgrSvc.exe [2006-12-18 266240]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-08 361288]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S4 InCDsrv;InCD Helper; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Programme\LogMeIn\x86\RaMaint.exe [2009-09-28 116032]
S4 LogMeIn;LogMeIn; C:\Programme\LogMeIn\x86\LogMeIn.exe [2007-09-12 63040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

and here is the info.txt

info.txt logfile of random's system information tool 1.06 2010-01-30 17:27:20

======Uninstall list======

-->C:\Programme\DivX\ConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\system32\RunDll32.Exe C:\WINDOWS\system32\SetupAPI.Dll,InstallHinfSection DefaultUninstall.NTx86 4 C:\WINDOWS\INF\thdudf.Inf
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.44 beta-->"C:\Programme\7-Zip\Uninstall.exe"
AC3Filter (remove only)-->C:\Programme\AC3Filter\uninstall.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Agenda 2.4.2-->"C:\Programme\LedPC Application\Agenda\unins000.exe"
Ant Movie Catalog-->"C:\Programme\Ant Movie Catalog\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Autoplay Repair 2.2.2-->"C:\Programme\Autoplay Repair\uninstall.exe"
AVIcodec (remove only)-->"C:\Programme\AVIcodec\uninst.exe"
BadCopy Pro-->C:\PROGRA~1\Jufsoft\BadCopy\UNWISE.EXE C:\PROGRA~1\Jufsoft\BadCopy\INSTALL.LOG
Blu-ray to DVD Pro ver 2.32-->"C:\Programme\Blu-ray to DVD Pro\unins000.exe"
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
cdrLabel 7.1-->MsiExec.exe /I{279FC9F9-1872-4927-AB0E-A93154F7D339}
CloneDVD2-->"C:\Programme\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Programme\Elaborate Bytes\CloneDVD2"
Cloneur Expert-->C:\Programme\Micro Application\Cloneur Expert\uninstall.exe
C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
COMODO Firewall Pro-->C:\Programme\Comodo\Firewall\fwconfig.exe -uninstalln
ConvertXtoDVD 2.0.4-->"C:\Programme\vso\ConvertXtoDVD\unins000.exe"
CutePDF Writer 2.6-->C:\WINDOWS\system32\uninscpw.exe C:\Programme\
DivX ;-) Audio Compressor 4.02-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivXAudioCompressor4.02.inf
DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader-->C:\Programme\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter-->C:\Programme\DivX\ConverterUninstall.exe /CONVERTER
DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decrypter (Remove Only)-->"C:\Programme\DVD Decrypter\uninstall.exe"
DVD Rebuilder-->"C:\Programme\DVD-RB PRO\unins000.exe"
DVD Shrink 3.2-->"C:\Programme\DVD Shrink\unins000.exe"
DVD slideshow GUI 0.9.1.0-->"C:\Programme\DVD slideshow GUI\unins000.exe"
DVDate (en Fançais)-->"C:\Programme\DVDate\unins000.exe"
DVD-lab PRO 2.2-->"C:\Programme\DVDlabPro2\unins000.exe"
DVDStyler v1.7.2-->"C:\Programme\DVDStyler\unins000.exe"
DxO Optics Pro 6-->MsiExec.exe /X{3B8F29EB-703C-4723-8CDE-4B2E5D695972}
East-Tec Eraser 2009 Version 9.5-->"C:\Programme\East-Tec Eraser 2009\unins000.exe"
Ecuador's AVI Bitrate Calculator 2.91 DX-->C:\WINDOWS\st6unst.exe -n "C:\Programme\AVICalc2\ST6UNST.LOG"
Einfache Internetanmeldung-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1031
Empty Temp Folders 2.8.3-->C:\Programme\Empty Temp Folders 2.8.3\uninstall.exe
FastStone Image Viewer 4.0-->C:\Programme\FastStone Image Viewer\uninst.exe
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Image Zone 3.5-->C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 3.5-->"C:\Programme\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
Installation Windows Live-->C:\Programme\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->C:\Programme\Gemeinsame Dateien\InstallShield\Driver\8\Intel 32\IDriver.exe /M{35AFD495-EC2E-4B2B-B9DB-30EEBC74049D}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
jv16 PowerTools 2009-->C:\Programme\jv16 PowerTools 2009\Uninstall.exe
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Logitech ImageStudio-->MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
LogMeIn-->MsiExec.exe /I{A83C6C34-3007-422A-9E56-A74996BCCDBD}
Macromedia Flash Player 8-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Macromedia Flash Player 8-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Media Player Classic fr-->"C:\Programme\Media Player Classic\uninstall.exe"
MediaInfo 0.7.3.1-->C:\Programme\MediaInfo\uninst.exe
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.6)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->C:\PROGRAMME\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyPhoneExplorer-->C:\Programme\MyPhoneExplorer\uninstall.exe
Nero 7-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NOD32 Antivirus System-->C:\Programme\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v1.9-->"C:\Programme\Eset\unins000.exe"
Norton PartitionMagic 8.0-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
ObjectDock Plus-->C:\PROGRA~1\Stardock\OBJECT~1\objectdock.exe /uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panda ActiveScan 2.0-->C:\Programme\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda TotalScan-->C:\Programme\Panda Security\TotalScan\ascuninst.exe
PerfectDisk 10 Professional-->MsiExec.exe /I{7B738CD9-D107-48C7-8E65-2E6639A39C8D}
Photodex Presenter-->C:\Programme\Photodex Presenter\uninst.exe
ProShow Producer-->C:\Programme\Photodex\ProShowProducer\uninst.exe
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
QuickTime Alternative 1.69-->"C:\Programme\QuickTime Alternative\unins000.exe"
Radio Fr Solo 2.1-->C:\Programme\Radio Fr Solo\Uninstall.exe
Real Alternative 2.0.1-->"C:\Programme\Real Alternative\unins000.exe"
Real-Draw PRO 4.0-->"C:\Programme\RealDrawPRO4\unins000.exe"
Ri4m v5.0.1d-->C:\Programme\Ripp-it_AM\Ri4m_Uninstal.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareaza 2.3.1.0-->"C:\Programme\Shareaza\Uninstall\unins000.exe"
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Programme\Spybot\Spybot - Search & Destroy\unins000.exe"
T-DSL Manager-->MsiExec.exe /I{13D3FE3C-C175-4BA3-9483-5BB01B502F19}
Time Adjuster v2.9 (STANDARD)-->C:\Programme\TimeAdjuster\uninstall.exe
TMPGEnc 4.0 XPress-->MsiExec.exe /I{ED80F174-B621-4B8F-BBB9-3E031A59555A}
TomTom HOME 2.7.3.1894-->C:\Programme\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Torrent Harvester-->C:\Programme\Torrent Harvester\uninstall.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Ultra MKV Converter 3.2.1025-->"C:\Programme\Ultra MKV Converter\unins000.exe"
UltraISO Premium V9.32-->"C:\Programme\UltraISO\unins000.exe"
Uniblue RegistryBooster 2010-->"C:\Programme\Uniblue\RegistryBooster\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VistaMizer 3.3.0.0-->C:\WINDOWS\VistaMizer\Uninstall.exe
Winamp (remove only)-->"C:\Programme\Winamp\UninstWA.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
XviD MPEG-4 Video Codec-->C:\Programme\XviD\unins000.exe
Your Uninstaller! 2008 Version 6.0-->"C:\Programme\Your Uninstaller 2008\unins000.exe"

======Hosts File======

127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: NOD32 Antivirus System 2.50
FW: COMODO Firewall Pro (disabled)

======System event log======

Computer Name: GUY
Event Code: 7000
Message: Der Dienst "Winbond Generic USB Controller" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Record Number: 10952
Source Name: Service Control Manager
Time Written: 20091112185332.000000+060
Event Type: Fehler
User:

Computer Name: GUY
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.

Record Number: 10951
Source Name: EventLog
Time Written: 20091112185201.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 10950
Source Name: EventLog
Time Written: 20091112185201.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 6006
Message: Der Ereignisprotokolldienst wurde beendet.

Record Number: 10949
Source Name: EventLog
Time Written: 20091112183922.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 7035
Message: Der Steuerbefehl "beenden" wurde erfolgreich an den Dienst "TuneUp Drive Defrag-Dienst" gesendet.

Record Number: 10948
Source Name: Service Control Manager
Time Written: 20091112183650.000000+060
Event Type: Informationen
User: GUY\guy

=====Application event log=====

Computer Name: GUY
Event Code: 2
Message:
Record Number: 562
Source Name: Diskeeper
Time Written: 20091029225734.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 1517
Message: Die Registrierung des Benutzers "GUY\guy" wurde gespeichert, obwohl eine Anwendung oder ein Dienst auf die Registrierung während der Abmeldung zugegriffen hat. Der von der Registrierung des Benutzers verwendete Speicher wurde nicht freigegeben. Der Upload der Registrierung wird durchgeführt, wenn diese nicht mehr verwendet wird.


Dies wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie diese so zu Konfigurieren, dass sie unter den Konten "Lokaler Dienst" oder "Netzwerkdienst" ausgeführt werden.

Record Number: 561
Source Name: Userenv
Time Written: 20091029063944.000000+060
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: GUY
Event Code: 1524
Message: Die Klassenregistrierungsdatei kann nicht entladen werden, da sie weiterhin von anderen Anwendungen bzw. Diensten verwendet wird. Die Datei wird entladen, wenn sie nicht mehr verwendet wird.



Record Number: 560
Source Name: Userenv
Time Written: 20091029063920.000000+060
Event Type: Warnung
User: GUY\guy

Computer Name: GUY
Event Code: 32068
Message: Die ausgehende Verteilerregel ist nicht gültig, weil kein gültiges Gerät gefunden werden kann. Ausgehende Faxe, die diese Regel verwenden, werden nicht weitergeleitet. Stellen Sie sicher, dass das angezielte Gerät bzw. die angezielten Geräte angeschlossen, korrekt installiert und angeschaltet sind. Stellen Sie außerdem sicher, dass die Gruppe korrekt konfiguriert ist, falls die Weiterleitung an eine Gruppe von Geräten erfolgen soll.
Landes-/Regionskennzahl: "*"
Ortskennzahl: "*"

Record Number: 559
Source Name: Microsoft Fax
Time Written: 20091029060428.000000+060
Event Type: Warnung
User:

Computer Name: GUY
Event Code: 32026
Message: Fehler beim Initialisieren der zugewiesenen Faxgeräte (virtuell oder TAPI) durch den Faxdienst.
Es können keine Faxe gesendet werden, bis ein Faxgerät installiert ist.

Record Number: 558
Source Name: Microsoft Fax
Time Written: 20091029060428.000000+060
Event Type: Warnung
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0304
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 31 Jan 2010 11:32

Hello Guy-Pierre,

OK, there are traces of a few things that we are going to remove; please apply the following in the order given:

1)
Download OTM, created by Old_Timer, to your desktop

  • Save it to your Desktop.
  • Double-click it.
  • Copy the list in the code box below and paste it into the left-hand pane under "Paste instructions for Items to be Moved".

Code:
go

:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMIMZMHMFM]

:Commands
[emptytemp]
[Reboot]



  • Click "MoveIt!" to start the removal. The result will then appear in the "Results" pane
  • Copy/paste this result
  • Click Exit to close.

Note: You may be asked to restart your computer in order to remove the files; this restart may take longer than usual. Accept, and in that case, after the restart, you will find the report in the folder C:\OTMoveIt\MovedFiles.

    If your Desktop does not reappear:
    - Press CTRL+ALT+DEL to open the Task Manager.
    - Click "File" at the top left
    - Choose "New Task (Run...)"
    - Type "explorer" and confirm.
    - This will bring your Desktop back.

2)
Download MBAM

  • Install it
  • Launch the tool
  • Tick "Executer un examen complet" (perform a full scan)
  • If an infection is found at the end of the scan, click "ok"
  • Click Supprimer la sélection (remove the selection)
  • To post the report, click the Rapports/Log tab and
  • Select the one you want and click Ouvrir (Open)
  • Copy and paste it and post the report, please

:arrow: If you already have MBAM, remember to update it.

3)
  • Lance un scan en ligne avec Bitdefender
  • Fais le sous Internet Explorer
  • Accepte les conditions d'utilisation, et clique sur "Start here"
  • Accepte le contrôle Active X, fenêtre jaune en haut de la page.

Image

  • Poste moi le rapport affiché

Pour t'aider si tu le souhaite Tutorial Bitdefender Online

Tuto Scan Bitdefender


A++
Le savoir n'est utile que si il est transmis.
Avatar de l’utilisateur
Florinator
Maître Libellulien
Maître Libellulien
 
Messages: 661
Inscription: 28 Déc 2009 16:19

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 31 Jan 2010 14:15

Hello,
here are the three requested reports:

1)

All processes killed
Error: Unable to interpret <go> in the current context!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMIMZMHMFM\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 81920 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 82054 bytes

User: guy
->Temp folder emptied: 4064480 bytes
->Temporary Internet Files folder emptied: 205204 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 98882741 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 13109626 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 82054 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 24 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 126462 bytes
RecycleBin emptied: 3678065793 bytes

Total Files Cleaned = 3 619,00 mb


OTM by OldTimer - Version 3.1.7.1 log created on 01312010_114129

Files moved on Reboot...
C:\Dokumente und Einstellungen\guy\Lokale Einstellungen\Temp\~DF4846.tmp moved successfully.
File move failed. C:\WINDOWS\S4A8F3FEE.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...
________________________________________________________________________________________

2)

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3667
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

31/01/2010 12:48:30
mbam-log-2010-01-31 (12-48-30).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 217614
Temps écoulé: 55 minute(s), 27 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Programme\Malwarebytes' Anti-Malware\CRACK !!\Keymaker.exe (Trojan.Banker) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{51009DB3-C9EE-4678-8D4D-1CD825970B84}\RP1142\A0243942.exe (Trojan.Banker) -> Quarantined and deleted successfully.
______________________________________________________________________________________________________

3)

BitDefender Online Scanner - Real Time Virus Report
Generated at: Sun, Jan 31, 2010 - 14:03:23

Scan Info
Scanned Files     307050
Infected Files    8

Virus Detected
Trojan.Generic.2573245                  2
DeepScan:Generic.Malware.P!.5F1AEB08    2
Trojan.Generic.IS.410532                2
Dialer.Generic.50626                    1
Dialer.Generic.13374                    1

This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 31 Jan 2010 15:27

Re,

What is this version of MBAM that you have?

C:\Programme\Malwarebytes' Anti-Malware\CRACK !!\Keymaker.exe (Trojan.Banker) -> Quarantined and deleted successfully.


It would be better for you to keep the free version, without real-time protection, rather than a crack. I think it is a lack of respect for all the people who go out of their way to make this tool so effective.
I await further details.

See you
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien
 
Posts: 661
Joined: 28 Dec 2009 16:19

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 31 Jan 2010 17:23

It is simply a version that was offered to me so that I could have resident protection. I am going to uninstall it. :oops:
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 31 Jan 2010 17:43

Re,

OK, I think that is preferable :supers:

Do you have any other problems with your machine?
We will do one last check; can you post me a new RSIT report?

See you
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien
 
Posts: 661
Joined: 28 Dec 2009 16:19

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 31 Jan 2010 18:24

Er... unfortunately yes :oops:
I ran a test by shutting the machine down. After startup I connected to the Internet via FF. After a few seconds a new tab opened with a casino gambling site: "http://fr.888.com" :plaf:
Here are the two RSIT reports:

Logfile of random's system information tool 1.06 (written by random/random)
Run by guy at 2010-01-31 18:11:15
Microsoft Windows XP Professional Service Pack 2
System drive C: has 161 GB (74%) free of 218 GB
Total RAM: 1023 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:44, on 31/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\Programme\Eset\nod32kui.exe
C:\Programme\Comodo\Firewall\CPF.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programme\Stardock\ObjectDock\ObjectDock.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Programme\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Programme\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\PSIService.exe
C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Raxco\PerfectDisk10\PDEngine.exe
C:\PROGRAMME\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE
C:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE
C:\PROGRAMME\UTORRENT\UTORRENT.EXE
C:\Dokumente und Einstellungen\guy \Desktop\RSIT.exe
C:\Outils\guy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - Startup: Stardock ObjectDock.lnk = C:\Programme\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: t-com.lnk = ?
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 2325786494
O17 - HKLM\System\CCS\Services\Tcpip\..\{388D20A8-304B-4C2B-A91F-D8D6F9095206}: NameServer = 217.0.43.161 217.0.43.177
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - T-Systems Enterprise Services GmbH - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programme\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: T-DSL Manager (TDslMgrService) - T-Systems - C:\Programme\T-DSL Manager\DslMgrSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 6465 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for guy.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-28 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-28 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"nod32kui"=C:\Programme\Eset\nod32kui.exe [2006-11-05 917504]
"COMODO Firewall Pro"=C:\Programme\Comodo\Firewall\CPF.exe [2008-01-31 1115728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-11-06 8523776]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!CleanupNetMeetingDispDriver]
msconf.dll,CleanupNetMeetingDispDriver 0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [2006-11-06 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cloneur Expert Monitor]
C:\Programme\Micro Application\Cloneur Expert\TrueImageMonitor.exe [2006-11-06 443116]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit]
C:\WINDOWS\Dit.exe [2004-04-02 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
dxdllreg.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\East-Tec Eraser 2006]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\East-Tec Eraser 2009]
C:\Programme\East-Tec Eraser 2009\etsecureerase.exe [2009-07-08 1376928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Programme\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Programme\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InnoSetupRegFile.0000000001]
C:\WINDOWS\is-CGNQ7.exe [2009-12-05 696832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Programme\LogMeIn\x86\LogMeInSystray.exe [2007-09-12 63048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVCOMS.EXE [2002-12-10 127022]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-10 185344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2007-11-06 8523776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Programme\Spybot\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Programme\uTorrent\uTorrent.exe [2009-12-10 289584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]

C:\Dokumente und Einstellungen\guy\Startmenü\Programme\Autostart
Stardock ObjectDock.lnk - C:\Programme\Stardock\ObjectDock\ObjectDock.exe
t-com.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-09-28 87352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe"="C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{503face7-da2e-11dd-9908-001109b33ea2}]
shell\AutoRun\command - Q:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fdf410d-4c6b-11d9-9fd4-806d6172696f}]
shell\AutoRun\command - hh start.chm


======List of files/folders created in the last 1 months======

2010-01-31 12:01:26 ----D---- C:\WINDOWS\BDOSCAN8
2010-01-31 11:41:29 ----DC---- C:\_OTM
2010-01-30 17:26:26 ----DC---- C:\rsit
2010-01-29 14:33:01 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\QuickScan
2010-01-29 05:14:03 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Adobe
2010-01-28 18:58:46 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
2010-01-28 18:58:43 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-28 18:58:21 ----A---- C:\WINDOWS\system32\java.exe
2010-01-27 18:11:26 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Real
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-01-27 18:03:10 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-01-26 17:26:15 ----D---- C:\Programme\Blu-ray to DVD Pro
2010-01-24 11:44:36 ----D---- C:\Programme\TomTom DesktopSuite
2010-01-24 10:28:22 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
2010-01-24 10:27:51 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\TomTom
2010-01-24 10:26:49 ----D---- C:\Programme\TomTom International B.V
2010-01-24 10:26:29 ----D---- C:\Programme\TomTom HOME 2
2010-01-23 11:36:19 ----D---- C:\Programme\DxO Labs
2010-01-23 06:34:49 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\DxO Labs
2010-01-23 06:31:27 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PACE Anti-Piracy
2010-01-23 06:31:27 ----D---- C:\Programme\Gemeinsame Dateien\PACE Anti-Piracy
2010-01-23 06:31:27 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\PACE Anti-Piracy
2010-01-06 16:04:17 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\FastStone
2010-01-06 16:03:32 ----D---- C:\Programme\FastStone Image Viewer
2010-01-06 12:21:29 ----D---- C:\Programme\Gemeinsame Dateien\PC Tools

======List of files/folders modified in the last 1 months======

2010-01-31 18:11:44 ----RD---- C:\Outils
2010-01-31 18:11:38 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\uTorrent
2010-01-31 18:10:43 ----D---- C:\WINDOWS\Temp
2010-01-31 18:07:21 ----D---- C:\Programme\Mozilla Thunderbird
2010-01-31 18:05:47 ----D---- C:\WINDOWS\Registration
2010-01-31 18:05:26 ----D---- C:\WINDOWS
2010-01-31 18:04:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-31 17:53:39 ----D---- C:\WINDOWS\Prefetch
2010-01-31 17:47:11 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-01-31 17:20:33 ----D---- C:\Programme\PhotoFiltre Studio X
2010-01-31 17:20:08 ----D---- C:\Programme\Raxco
2010-01-31 15:30:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-31 15:30:00 ----RSD---- C:\WINDOWS\assembly
2010-01-31 14:26:15 ----SHD---- C:\WINDOWS\Installer
2010-01-31 14:26:15 ----DC---- C:\Config.Msi
2010-01-31 12:50:20 ----SH---- C:\WINDOWS\S4A8F3FEE.tmp
2010-01-31 12:49:59 ----D---- C:\WINDOWS\VistaMizer
2010-01-31 12:49:59 ----D---- C:\WINDOWS\system32\drivers
2010-01-31 12:01:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-31 12:01:26 ----HD---- C:\WINDOWS\inf
2010-01-31 12:01:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-31 11:27:00 ----RSHC---- C:\boot.ini
2010-01-31 08:52:58 ----D---- C:\WINDOWS\Downloaded Installations
2010-01-31 07:35:07 ----D---- C:\Programme\Mozilla Firefox
2010-01-31 07:27:00 ----D---- C:\WINDOWS\system32\config
2010-01-31 07:18:27 ----ADC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2010-01-31 07:01:35 ----D---- C:\Programme\DivX
2010-01-31 06:54:18 ----RD---- C:\Programme
2010-01-30 11:58:49 ----A---- C:\WINDOWS\ChssBase.ini
2010-01-29 17:49:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-29 17:31:02 ----D---- C:\WINDOWS\Config
2010-01-29 15:43:44 ----AD---- C:\WINDOWS\system32
2010-01-29 08:23:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-01-29 06:32:00 ----D---- C:\Programme\LogMeIn
2010-01-28 19:20:52 ----A---- C:\WINDOWS\win.ini
2010-01-28 19:20:52 ----A---- C:\WINDOWS\system.ini
2010-01-28 19:07:09 ----D---- C:\Programme\Java
2010-01-28 18:58:43 ----D---- C:\Programme\Gemeinsame Dateien
2010-01-28 18:58:07 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-28 18:38:48 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS
2010-01-27 18:11:15 ----D---- C:\Programme\Radio Fr Solo
2010-01-27 18:05:44 ----D---- C:\Programme\Real Alternative
2010-01-27 17:37:47 ----A---- C:\WINDOWS\Radio_Fr.ini
2010-01-27 05:35:27 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-27 05:00:47 ----DC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DVD Shrink
2010-01-27 00:23:50 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Skype
2010-01-27 00:03:18 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\skypePM
2010-01-25 17:41:51 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\dvdcss
2010-01-24 20:40:27 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-24 14:00:21 ----RSD---- C:\WINDOWS\Fonts
2010-01-24 14:00:21 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2010-01-24 14:00:15 ----D---- C:\Programme\Microsoft Office
2010-01-24 14:00:05 ----D---- C:\Programme\MSECACHE
2010-01-24 07:47:16 ----ASDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2010-01-24 07:47:16 ----AD---- C:\Programme\Gemeinsame Dateien\System
2010-01-23 09:28:19 ----D---- C:\WINDOWS\I386
2010-01-23 09:25:24 ----SD---- C:\WINDOWS\Tasks
2010-01-23 08:54:16 ----D---- C:\WINDOWS\Driver Cache
2010-01-14 04:52:25 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-10 10:11:20 ----A---- C:\WINDOWS\Muxman.ini
2010-01-06 15:57:13 ----D---- C:\WINDOWS\WinSxS
2010-01-06 11:06:54 ----A---- C:\WINDOWS\wininit.ini
2010-01-06 07:47:26 ----D---- C:\Dokumente und Einstellungen\guy\Anwendungsdaten\Corel
2010-01-04 18:19:37 ----D---- C:\Temp
2010-01-04 18:07:03 ----A---- C:\WINDOWS\MyDrivers.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-11-04 43488]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2008-01-31 75520]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-25 36776]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-25 38440]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Programme\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 lusbaudio;Logitech USB Microphone; C:\WINDOWS\system32\drivers\lvsound2.sys [2002-06-10 34816]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2009-06-08 71696]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Programme\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2006-11-11 66944]
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2006-11-06 28928]
R3 3xHybrid;Pinnacle PCTV 300i Stereo DVB-T; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-10-21 949888]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
R3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2002-10-29 40960]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-04-05 13872]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-04-26 135168]
R3 HidIr;Microsoft Infrarot-HID-Treiber; C:\WINDOWS\system32\DRIVERS\hidir.sys [2004-08-10 17024]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2004-08-10 46208]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2007-09-12 10144]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-06 7429088]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-11-07 47360]
R3 QCEmerald;Logitech QuickCam Web(PID_0850); C:\WINDOWS\system32\DRIVERS\LVCE.sys [2002-06-10 44544]
R3 TSMPacket;T-DSL Manager Service; C:\WINDOWS\system32\DRIVERS\tsmpkt.sys [2006-12-01 13184]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-25 119080]
S2 WBUSB;Winbond Generic USB Controller; C:\WINDOWS\System32\Drivers\WBUSB.sys [2003-10-03 13356]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; C:\WINDOWS\system32\drivers\Ad-Watch Real-Time Scanner.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Registry Filter.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 hcwPP2;Hauppauge WinTV PVR PCI II (26xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2004-08-27 116736]
S3 HdAudAddService;Microsoft UAA-Funktionstreiber für den High Definition Audio-Dienst; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-09-18 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-09-18 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-09-18 21488]
S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\T-COM\DSLCheck\PCANDIS5.SYS []
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-05-01 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [2006-11-06 155648]
R2 CmdAgent;Comodo Application Agent; C:\Programme\Comodo\Firewall\cmdagent.exe [2008-01-31 361040]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-10-01 195584]
R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-01-28 153376]
R2 MBAMService;MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
R2 NOD32krn;NOD32 Kernel Service; C:\Programme\Eset\nod32krn.exe [2006-11-05 495616]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-06 155716]
R2 PDAgent;PDAgent; C:\Programme\Raxco\PerfectDisk10\PDAgent.exe [2009-07-23 931080]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 ScsiAccess;ScsiAccess; C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe [2009-10-12 181312]
R2 TomTomHOMEService;TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-08 604488]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
R3 PDEngine;PDEngine; C:\Programme\Raxco\PerfectDisk10\PDEngine.exe [2009-07-23 1033480]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 268800]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HotSpotFSvc;Hotspot Manager; C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe [2006-12-12 212992]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPodService;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2004-05-06 401408]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-09-18 65795]
S3 TDslMgrService;T-DSL Manager; C:\Programme\T-DSL Manager\DslMgrSvc.exe [2006-12-18 266240]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-08 361288]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S4 InCDsrv;InCD Helper; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-25 1552680]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Programme\LogMeIn\x86\RaMaint.exe [2009-09-28 116032]
S4 LogMeIn;LogMeIn; C:\Programme\LogMeIn\x86\LogMeIn.exe [2007-09-12 63040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.06 2010-01-31 18:11:48

======Uninstall list======

-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
-->C:\WINDOWS\system32\RunDll32.Exe C:\WINDOWS\system32\SetupAPI.Dll,InstallHinfSection DefaultUninstall.NTx86 4 C:\WINDOWS\INF\thdudf.Inf
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.44 beta-->"C:\Programme\7-Zip\Uninstall.exe"
AC3Filter (remove only)-->C:\Programme\AC3Filter\uninstall.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Agenda 2.4.2-->"C:\Programme\LedPC Application\Agenda\unins000.exe"
Ant Movie Catalog-->"C:\Programme\Ant Movie Catalog\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Autoplay Repair 2.2.2-->"C:\Programme\Autoplay Repair\uninstall.exe"
AVIcodec (remove only)-->"C:\Programme\AVIcodec\uninst.exe"
BadCopy Pro-->C:\PROGRA~1\Jufsoft\BadCopy\UNWISE.EXE C:\PROGRA~1\Jufsoft\BadCopy\INSTALL.LOG
Blu-ray to DVD Pro ver 2.32-->"C:\Programme\Blu-ray to DVD Pro\unins000.exe"
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
cdrLabel 7.1-->MsiExec.exe /I{279FC9F9-1872-4927-AB0E-A93154F7D339}
CloneDVD2-->"C:\Programme\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Programme\Elaborate Bytes\CloneDVD2"
Cloneur Expert-->C:\Programme\Micro Application\Cloneur Expert\uninstall.exe
C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
COMODO Firewall Pro-->C:\Programme\Comodo\Firewall\fwconfig.exe -uninstalln
ConvertXtoDVD 2.0.4-->"C:\Programme\vso\ConvertXtoDVD\unins000.exe"
CutePDF Writer 2.6-->C:\WINDOWS\system32\uninscpw.exe C:\Programme\
DivX ;-) Audio Compressor 4.02-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivXAudioCompressor4.02.inf
DVD Decrypter (Remove Only)-->"C:\Programme\DVD Decrypter\uninstall.exe"
DVD Rebuilder-->"C:\Programme\DVD-RB PRO\unins000.exe"
DVD Shrink 3.2-->"C:\Programme\DVD Shrink\unins000.exe"
DVD slideshow GUI 0.9.1.0-->"C:\Programme\DVD slideshow GUI\unins000.exe"
DVDate (en Fançais)-->"C:\Programme\DVDate\unins000.exe"
DVD-lab PRO 2.2-->"C:\Programme\DVDlabPro2\unins000.exe"
DVDStyler v1.7.2-->"C:\Programme\DVDStyler\unins000.exe"
DxO Optics Pro 6-->MsiExec.exe /X{3B8F29EB-703C-4723-8CDE-4B2E5D695972}
East-Tec Eraser 2009 Version 9.5-->"C:\Programme\East-Tec Eraser 2009\unins000.exe"
Ecuador's AVI Bitrate Calculator 2.91 DX-->C:\WINDOWS\st6unst.exe -n "C:\Programme\AVICalc2\ST6UNST.LOG"
Einfache Internetanmeldung-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1031
Empty Temp Folders 2.8.3-->C:\Programme\Empty Temp Folders 2.8.3\uninstall.exe
FastStone Image Viewer 4.0-->C:\Programme\FastStone Image Viewer\uninst.exe
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Outils\HijackThis.exe" /uninstall
HP Image Zone 3.5-->C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 3.5-->"C:\Programme\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
Installation Windows Live-->C:\Programme\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
jv16 PowerTools 2009-->C:\Programme\jv16 PowerTools 2009\Uninstall.exe
KBD-->C:\HP\KBD\KBD.EXE uninstalled
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Logitech ImageStudio-->MsiExec.exe /I{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}
LogMeIn-->MsiExec.exe /I{A83C6C34-3007-422A-9E56-A74996BCCDBD}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Media Player Classic fr-->"C:\Programme\Media Player Classic\uninstall.exe"
MediaInfo 0.7.3.1-->C:\Programme\MediaInfo\uninst.exe
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.6)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->C:\PROGRAMME\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyPhoneExplorer-->C:\Programme\MyPhoneExplorer\uninstall.exe
Nero 7-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NOD32 Antivirus System-->C:\Programme\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v1.9-->"C:\Programme\Eset\unins000.exe"
Norton PartitionMagic 8.0-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
ObjectDock Plus-->C:\PROGRA~1\Stardock\OBJECT~1\objectdock.exe /uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panda ActiveScan 2.0-->C:\Programme\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda TotalScan-->C:\Programme\Panda Security\TotalScan\ascuninst.exe
PerfectDisk 10 Professional-->MsiExec.exe /I{7B738CD9-D107-48C7-8E65-2E6639A39C8D}
Photodex Presenter-->C:\Programme\Photodex Presenter\uninst.exe
ProShow Producer-->C:\Programme\Photodex\ProShowProducer\uninst.exe
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
QuickTime Alternative 1.69-->"C:\Programme\QuickTime Alternative\unins000.exe"
Radio Fr Solo 2.1-->C:\Programme\Radio Fr Solo\Uninstall.exe
Real Alternative 2.0.1-->"C:\Programme\Real Alternative\unins000.exe"
Real-Draw PRO 4.0-->"C:\Programme\RealDrawPRO4\unins000.exe"
Ri4m v5.0.1d-->C:\Programme\Ripp-it_AM\Ri4m_Uninstal.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareaza 2.3.1.0-->"C:\Programme\Shareaza\Uninstall\unins000.exe"
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Programme\Spybot\Spybot - Search & Destroy\unins000.exe"
T-DSL Manager-->MsiExec.exe /I{13D3FE3C-C175-4BA3-9483-5BB01B502F19}
Time Adjuster v2.9 (STANDARD)-->C:\Programme\TimeAdjuster\uninstall.exe
TMPGEnc 4.0 XPress-->MsiExec.exe /I{ED80F174-B621-4B8F-BBB9-3E031A59555A}
TomTom HOME 2.7.3.1894-->C:\Programme\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Torrent Harvester-->C:\Programme\Torrent Harvester\uninstall.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Ultra MKV Converter 3.2.1025-->"C:\Programme\Ultra MKV Converter\unins000.exe"
UltraISO Premium V9.32-->"C:\Programme\UltraISO\unins000.exe"
Uniblue RegistryBooster 2010-->"C:\Programme\Uniblue\RegistryBooster\unins000.exe"
VistaMizer 3.3.0.0-->C:\WINDOWS\VistaMizer\Uninstall.exe
Winamp (remove only)-->"C:\Programme\Winamp\UninstWA.exe"
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
XviD MPEG-4 Video Codec-->C:\Programme\XviD\unins000.exe
Your Uninstaller! 2008 Version 6.0-->"C:\Programme\Your Uninstaller 2008\unins000.exe"

======Hosts File======

127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: NOD32 Antivirus System 2.50
FW: COMODO Firewall Pro

======System event log======

Computer Name: GUY
Event Code: 19
Message: Installation erfolgreich: Das folgende Update wurde installiert. Update für Windows XP (KB973687)

Record Number: 11369
Source Name: Windows Update Agent
Time Written: 20091125051658.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 4377
Message: Windows XP, Hotfix KB973687 wurde installiert.

Record Number: 11368
Source Name: NtServicePack
Time Written: 20091125051653.000000+060
Event Type: Informationen
User: GUY\guy

Computer Name: GUY
Event Code: 35
Message: Der Zeitdienst synchronisiert die Systemzeit mit folgender
Zeitquelle: time.windows.com (ntp.m|0x1|84.154.117.130:123->207.46.232.182:123).

Record Number: 11367
Source Name: W32Time
Time Written: 20091125045331.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 20158
Message: Der Benutzer "0003187818665200734520850001@t-online.de" hat eine Verbindung mit "t-com" hergestellt, unter Verwendung des Geräts "PPPoE7-0".

Record Number: 11366
Source Name: RemoteAccess
Time Written: 20091125045321.000000+060
Event Type: Informationen
User:

Computer Name: GUY
Event Code: 20159
Message: Die Verbindung mit "t-com", hergestellt durch den Benutzer "0003187818665200734520850001@t-online.de" unter Verwendung des Geräts "PPPoE7-0", wurde getrennt.

Record Number: 11365
Source Name: RemoteAccess
Time Written: 20091125045309.000000+060
Event Type: Informationen
User:

=====Application event log=====

Computer Name: GUY
Event Code: 1516
Message: Die Registrierung des Benutzers GUY\LogMeInRemoteUser wurde entladen, nachdem eine Benachrichtigung empfangen wurde, das keine Anwendungen bzw. Dienste dieses Profil verwenden.

Record Number: 703
Source Name: Userenv
Time Written: 20091107114425.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: GUY
Event Code: 105
Message: User GUY\LogMeInRemoteUser has logged out from IP address 77.4.66.229.

Record Number: 702
Source Name: LogMeIn
Time Written: 20091107114425.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: GUY
Event Code: 1517
Message: Die Registrierung des Benutzers "GUY\LogMeInRemoteUser" wurde gespeichert, obwohl eine Anwendung oder ein Dienst auf die Registrierung während der Abmeldung zugegriffen hat. Der von der Registrierung des Benutzers verwendete Speicher wurde nicht freigegeben. Der Upload der Registrierung wird durchgeführt, wenn diese nicht mehr verwendet wird.


Dies wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie diese so zu Konfigurieren, dass sie unter den Konten "Lokaler Dienst" oder "Netzwerkdienst" ausgeführt werden.

Record Number: 701
Source Name: Userenv
Time Written: 20091107114425.000000+060
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: GUY
Event Code: 205
Message: User GUY\LogMeInRemoteUser from IP address 77.4.66.229 ended a Remote Control session.

Record Number: 700
Source Name: LogMeIn
Time Written: 20091107114424.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: GUY
Event Code: 202
Message: Remote Control session started for user GUY\LogMeInRemoteUser from IP address 77.4.66.229. The interactive user (if present) has not been asked for a confirmation.

Record Number: 699
Source Name: LogMeIn
Time Written: 20091107110457.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0304
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 01 Feb 2010 11:03

Hello Guy Pierre,

I'm stumped: I don't see anything at all, and since I don't know FF I can't tell whether or not it is related to the browser.
OK, two things:

- Have you uninstalled the cracked MBAM?
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe


The free version does not start at boot and does not install any services; if this crack is booby-trapped we are going round in circles, so remove it if you have not already done so.

- We are going to run another, somewhat more in-depth scan:

Download ZHPDiag, created by Nicolas Coolman

  • Save it to your desktop
  • Double-click the icon
  • Follow the on-screen instructions
  • Click Image to start the scan
  • Click Image to copy the report
  • Then paste it into your next reply
  • The report is also located at C:\Program Files\ZebHelpProcess\ZHPDiag.txt

See you later
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien

Posts: 661
Joined: 28 Dec 2009 16:19

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 01 Feb 2010 11:06

Hello,
Right now I'm at the office. I'll take care of all this tonight when I get home from work.
See you later
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 01 Feb 2010 14:16

Re,

Of course, no problem :wink:

See you later
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien

Posts: 661
Joined: 28 Dec 2009 16:19

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 01 Feb 2010 18:56

Good evening,
so here we are: I uninstalled MBAM and reinstalled the free version. I then ran a first scan with this version, which found 4-5 trojans (see 1st report). I ran a second quick scan, which found two more trojans (the infamous backdoor-bot) (see 2nd report). Finally, I am attaching the ZHPDiag report you asked me for...

Thanks for your help.
__________________________________________

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3673
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

01/02/2010 18:14:37
mbam-log-2010-02-01 (18-14-37).txt

Type de recherche: Examen rapide
Eléments examinés: 131385
Temps écoulé: 6 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} (Trojan.Zbot) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot.

Fichier(s) infecté(s):
C:\WINDOWS\Temp\evpw.tmp\svchost.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot.
C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Delete on reboot.

_____________________________________________________________________________
_____________________________________________________________________________

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3673
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

01/02/2010 18:28:33
mbam-log-2010-02-01 (18-28-33).txt

Type de recherche: Examen rapide
Eléments examinés: 131385
Temps écoulé: 5 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

_____________________________________________________________________________________
_____________________________________________________________________________________
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 01 Feb 2010 18:58

I am attaching the third report separately because the file is too large and it was rejected.

Rapport de ZHPDiag v1.24.44 par Nicolas Coolman
Run by guy at 01/02/2010 18:39:45
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox (3.6)

Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (38% free)
System drive C: has 158 GB (74%) free of 213 GB

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 158 Go of 213 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 2 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 135 Go of 211 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
L:\ CD-ROM drive (Not Inserted)
M:\ CD-ROM drive (Not Inserted)
N:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 17 Go)

---\\ Processus lancés
[MD5.4A95F15B706B8FD9EC8715B6401EAB7B] - C:\HP\KBD\KBD.EXE
[MD5.3F0785BCC78224A50F31FBE794B6337D] - C:\Programme\Eset\nod32kui.exe
[MD5.1F5882037BAD07E9926F47A3A32F0931] - C:\Programme\Comodo\Firewall\CPF.exe
[MD5.99203E789DA6E756EA34A8F836F4E99E] - C:\WINDOWS\system32\CTFMON.EXE
[MD5.17773EDD4B9A2817E5FC703C11A4C1D5] - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
[MD5.65A819B121EB6FDAB4400EA42BDFFE64] - C:\WINDOWS\system32\svchost.exe
[MD5.2EDB74E72FEEB39C8906E4C8C54D91A5] - C:\Programme\Comodo\Firewall\cmdagent.exe
[MD5.09171A3F64778AFC5F0377640136F72B] - C:\WINDOWS\eHome\ehRecvr.exe
[MD5.FCD56D0506A5AAD5E211701F1400597D] - C:\WINDOWS\eHome\ehSched.exe
[MD5.65F6B774819BD727358157CEDEA67B8E] - C:\WINDOWS\system32\services.exe
[MD5.030DEF1B6AD98FA70A51C9994DABC924] - C:\WINDOWS\system32\fxssvc.exe
[MD5.77AC10DB097DFD0CD3071465B644D0AB] - C:\Programme\Java\jre6\bin\jqs.exe
[MD5.9B18F31C059C5F061D6C628E0A771EC1] - C:\Programme\Eset\nod32krn.exe
[MD5.357CDE6C24EB15888E810C6D2787C238] - C:\WINDOWS\system32\nvsvc32.exe
[MD5.20025B31C1FC8FFEA50711C85E1A9859] - C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
[MD5.183805EB05BCA5A1E4AAAED4D2BE3690] - C:\WINDOWS\system32\lsass.exe
[MD5.64E413BA0C529AA40C3924BBCC4153DB] - C:\WINDOWS\system32\PSIService.exe
[MD5.54196CDAC7E1D81D71C652E100B99E77] - C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
[MD5.DA81EC57ACD4CDC3D4C51CF3D409AF9F] - C:\WINDOWS\system32\spoolsv.exe
[MD5.FBD16717FD68B206C4CE3BB3C9EE5CB3] - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
[MD5.35B8C5D1958700A4E70C9B94AAE8CFAF] - C:\WINDOWS\System32\TUProgSt.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Sucheingriff - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\system32\shdocvw.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [nod32kui] C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Firewall Pro] C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=145
O4 - HKCU\..\policies\Explorer: [NoInternetIcon] Data=1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll

---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 2325786494
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} () -

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{388D20A8-304B-4C2B-A91F-D8D6F9095206}: NameServer = 217.0.43.161 217.0.43.177
O17 - HKLM\System\CS2\Services\Tcpip\..\{388D20A8-304B-4C2B-A91F-D8D6F9095206}: NameServer = 217.0.43.161 217.0.43.177

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\System32\LMIinit.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %SystemRoot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Comodo Application Agent (CmdAgent) - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Media Center Receiver Service (ehRecvr) - C:\WINDOWS\eHome\ehRecvr.exe
O23 - Service: Media Center-Planerdienst (ehSched) - C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Fax (Fax) - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Programme\Java\jre6\bin\jqs.exe -service -config C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: NOD32 Kernel Service (NOD32krn) - C:\Programme\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent (PDAgent) - C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: ProtexisLicensing (ProtexisLicensing) - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess (ScsiAccess) - C:\Programme\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Druckwarteschlange (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - C:\WINDOWS\System32\TUProgSt.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Maintenance en 1 clic.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Vektorgrafik-Rendering (VML) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.0 Hotfix (KB887998) - {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Dynamic HTML-Datenbindung für Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offlinebrowsingpaket - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Erweitertes Authoring - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer-Hilfe - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: DirectAnimation Java Classes - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: .NET Framework - {5DEDD928-2CBE-35E9-B002-85232EDB120A} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsererweiterungen - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: Zugang zu MSN Site - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: (no name) - {746D4559-98B4-5E0B-82D3-5BD1E9229B4E} - C:\WINDOWS\system32:svchost.exe
O40 - ASIC: Adressbuch 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: .NET Framework - {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - (not file)
O40 - ASIC: Windows Desktop-Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
O40 - ASIC: Dynamic HTML-Datenbindung - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Fax Provider - {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.0 Hotfix (KB930494) - {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - (not file)
O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)
O40 - ASIC: Internet Explorer-Hauptschriftarten - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Taskplaner - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - (not file)
O40 - ASIC: HTML-Hilfe - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: .NET Framework - {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: CD-ROM-Laufwerktreiber (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Comodo Application Engine (CmdMon) - C:\WINDOWS\System32\DRIVERS\cmdmon.sys
O41 - Driver: ElbyCDIO Driver (ElbyCDIO) - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O41 - Driver: i8042-Tastatur- und PS/2-Mausanschluss-Treiber (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Filtertreiber für CD-Brennen (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: InCDPass (InCDPass) - C:\WINDOWS\system32\drivers\InCDPass.sys
O41 - Driver: InCD Reader (incdrm) - C:\WINDOWS\system32\drivers\InCDRm.sys
O41 - Driver: Intel-Prozessortreiber (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: IPSEC-Treiber (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: ISO DVD/CD-ROM Device Driver (ISODrive) - C:\Programme\UltraISO\drivers\ISODrive.sys
O41 - Driver: Tastaturklassentreiber (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Tastatur-HID-Treiber (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Logitech USB Microphone (lusbaudio) - C:\WINDOWS\system32\drivers\lvsound2.sys
O41 - Driver: Mausklassentreiber (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: NetBIOS-Schnittstelle (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBT (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Treiber für automatische RAS-Verbindung (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Filtertreiber für digitale CD-Audiowiedergabe (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Treiber für seriellen Anschluss (Serial) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: TCP/IP-Protokolltreiber (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Terminal-Gerätetreiber (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
O41 - Driver: Microsoft WDM Virtual Wave Driver (WDM) (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung (WS2IFSL) - C:\WINDOWS\System32\drivers\ws2ifsl.sys
O41 - Driver: AVG Anti-Spyware Driver (AVG Anti-Spyware Driver) - C:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.sys
O41 - Driver: AVG Anti-Spyware Clean Driver (AvgAsCln) - C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys
O41 - Driver: Kerio Personal Firewall Driver (fwdrv) - C:\WINDOWS\system32\Drivers\fwdrv.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.44 beta
O42 - Logiciel: AC3Filter (remove only)
O42 - Logiciel: AVIcodec (remove only)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Agenda 2.4.2
O42 - Logiciel: Ant Movie Catalog
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Autoplay Repair 2.2.2
O42 - Logiciel: BadCopy Pro
O42 - Logiciel: Blu-ray to DVD Pro ver 2.32
O42 - Logiciel: C-Media High Definition Audio Driver
O42 - Logiciel: CCleaner
O42 - Logiciel: COMODO Firewall Pro
O42 - Logiciel: CloneDVD2
O42 - Logiciel: Cloneur Expert
O42 - Logiciel: ConvertXtoDVD 2.0.4
O42 - Logiciel: CutePDF Writer 2.6
O42 - Logiciel: DVD Decrypter (Remove Only)
O42 - Logiciel: DVD Rebuilder
O42 - Logiciel: DVD Shrink 3.2
O42 - Logiciel: DVD slideshow GUI 0.9.1.0
O42 - Logiciel: DVD-lab PRO 2.2
O42 - Logiciel: DVDStyler v1.7.2
O42 - Logiciel: DVDate (en Fançais)
O42 - Logiciel: DivX ;-) Audio Compressor 4.02
O42 - Logiciel: DxO Optics Pro 6
O42 - Logiciel: East-Tec Eraser 2009 Version 9.5
O42 - Logiciel: Ecuador's AVI Bitrate Calculator 2.91 DX
O42 - Logiciel: Einfache Internetanmeldung
O42 - Logiciel: Empty Temp Folders 2.8.3
O42 - Logiciel: FastStone Image Viewer 4.0
O42 - Logiciel: HP Image Zone 3.5
O42 - Logiciel: HP PSC & OfficeJet 3.5
O42 - Logiciel: HP Software Update
O42 - Logiciel: HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 18
O42 - Logiciel: KBD
O42 - Logiciel: Lame ACM MP3 Codec
O42 - Logiciel: LogMeIn
O42 - Logiciel: Logitech ImageStudio
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Media Player Classic fr
O42 - Logiciel: MediaInfo 0.7.3.1
O42 - Logiciel: Memories Disc Creator 2.0
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007
O42 - Logiciel: Mozilla Firefox (3.6)
O42 - Logiciel: Mozilla Thunderbird (2.0.0.23)
O42 - Logiciel: MyPhoneExplorer
O42 - Logiciel: NOD32 Antivirus System
O42 - Logiciel: NOD32 FiX v1.9
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: Nero 7
O42 - Logiciel: Norton PartitionMagic 8.0
O42 - Logiciel: ObjectDock Plus
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PS2
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: Panda TotalScan
O42 - Logiciel: PerfectDisk 10 Professional
O42 - Logiciel: Photodex Presenter
O42 - Logiciel: ProShow Producer
O42 - Logiciel: QuickTime Alternative 1.69
O42 - Logiciel: Radio Fr Solo 2.1
O42 - Logiciel: Real Alternative 2.0.1
O42 - Logiciel: Real-Draw PRO 4.0
O42 - Logiciel: Ri4m v5.0.1d
O42 - Logiciel: Segoe UI
O42 - Logiciel: Shareaza 2.3.1.0
O42 - Logiciel: Skype™ 4.1
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: T-DSL Manager
O42 - Logiciel: TMPGEnc 4.0 XPress
O42 - Logiciel: Time Adjuster v2.9 (STANDARD)
O42 - Logiciel: TomTom HOME 2.7.3.1894
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules
O42 - Logiciel: Torrent Harvester
O42 - Logiciel: TuneUp Utilities 2009
O42 - Logiciel: Ultra MKV Converter 3.2.1025
O42 - Logiciel: UltraISO Premium V9.32
O42 - Logiciel: Uniblue RegistryBooster 2010
O42 - Logiciel: VistaMizer 3.3.0.0
O42 - Logiciel: Winamp (remove only)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XviD MPEG-4 Video Codec
O42 - Logiciel: Your Uninstaller! 2008 Version 6.0
O42 - Logiciel: cdrLabel 7.1
O42 - Logiciel: jv16 PowerTools 2009
O42 - Logiciel: neroxml

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Programme\7-Zip
O43 - CFD:Common File Directory ----D- C:\Programme\AC3Filter
O43 - CFD:Common File Directory ----D- C:\Programme\Ant Movie Catalog
O43 - CFD:Common File Directory ----D- C:\Programme\Autoplay Repair
O43 - CFD:Common File Directory ----D- C:\Programme\AVICalc2
O43 - CFD:Common File Directory ----D- C:\Programme\AVIcodec
O43 - CFD:Common File Directory ----D- C:\Programme\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Programme\Blu-ray to DVD Pro
O43 - CFD:Common File Directory ----D- C:\Programme\CCleaner
O43 - CFD:Common File Directory ----D- C:\Programme\cdrLabel 7.1
O43 - CFD:Common File Directory ----D- C:\Programme\ChessBase
O43 - CFD:Common File Directory ----D- C:\Programme\Cinema Craft Encoder SP v2.67.00.27
O43 - CFD:Common File Directory ----D- C:\Programme\Comodo
O43 - CFD:Common File Directory ----D- C:\Programme\CutePDF Writer
O43 - CFD:Common File Directory ----D- C:\Programme\DivX
O43 - CFD:Common File Directory ----D- C:\Programme\DVD Decrypter
O43 - CFD:Common File Directory ----D- C:\Programme\DVD Shrink
O43 - CFD:Common File Directory ----D- C:\Programme\DVD slideshow GUI
O43 - CFD:Common File Directory ----D- C:\Programme\DVD-RB PRO
O43 - CFD:Common File Directory ----D- C:\Programme\DVDate
O43 - CFD:Common File Directory ----D- C:\Programme\DVDlabPro2
O43 - CFD:Common File Directory ----D- C:\Programme\DVDStyler
O43 - CFD:Common File Directory ----D- C:\Programme\DxO Labs
O43 - CFD:Common File Directory ----D- C:\Programme\East-Tec Eraser 2009
O43 - CFD:Common File Directory ----D- C:\Programme\Easy Internet signup
O43 - CFD:Common File Directory ----D- C:\Programme\Elaborate Bytes
O43 - CFD:Common File Directory ----D- C:\Programme\Empty Temp Folders 2.8.3
O43 - CFD:Common File Directory ----D- C:\Programme\Eset
O43 - CFD:Common File Directory ----D- C:\Programme\FastStone Image Viewer
O43 - CFD:Common File Directory ----D- C:\Programme\Gemeinsame Dateien
O43 - CFD:Common File Directory ----D- C:\Programme\GPLGS
O43 - CFD:Common File Directory ----D- C:\Programme\Grisoft
O43 - CFD:Common File Directory ----D- C:\Programme\GSpot
O43 - CFD:Common File Directory ----D- C:\Programme\HighMAT CD Writing Wizard
O43 - CFD:Common File Directory ----D- C:\Programme\HP
O43 - CFD:Common File Directory --H-D- C:\Programme\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Programme\Intel
O43 - CFD:Common File Directory ----D- C:\Programme\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Programme\iPod
O43 - CFD:Common File Directory ----D- C:\Programme\Java
O43 - CFD:Common File Directory ----D- C:\Programme\Jufsoft
O43 - CFD:Common File Directory ----D- C:\Programme\jv16 PowerTools 2009
O43 - CFD:Common File Directory ----D- C:\Programme\LedPC Application
O43 - CFD:Common File Directory ----D- C:\Programme\Logitech
O43 - CFD:Common File Directory ----D- C:\Programme\LogMeIn
O43 - CFD:Common File Directory ----D- C:\Programme\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Programme\Media Player Classic
O43 - CFD:Common File Directory ----D- C:\Programme\MediaInfo
O43 - CFD:Common File Directory ----D- C:\Programme\Micro Application
O43 - CFD:Common File Directory ----D- C:\Programme\Microsoft
O43 - CFD:Common File Directory ----D- C:\Programme\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Programme\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Programme\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Programme\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Programme\Mozilla Thunderbird
O43 - CFD:Common File Directory ----D- C:\Programme\MSBuild
O43 - CFD:Common File Directory ----D- C:\Programme\MSECACHE
O43 - CFD:Common File Directory ----D- C:\Programme\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Programme\MSXML 6.0
O43 - CFD:Common File Directory ----D- C:\Programme\Multi_Media
O43 - CFD:Common File Directory ----D- C:\Programme\MyPhoneExplorer
O43 - CFD:Common File Directory ----D- C:\Programme\Nero
O43 - CFD:Common File Directory ----D- C:\Programme\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Programme\Online-Dienste
O43 - CFD:Common File Directory ----D- C:\Programme\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Programme\Panda Security
O43 - CFD:Common File Directory ----D- C:\Programme\Pegasys Inc
O43 - CFD:Common File Directory ----D- C:\Programme\Photodex
O43 - CFD:Common File Directory ----D- C:\Programme\Photodex Presenter
O43 - CFD:Common File Directory ----D- C:\Programme\PhotoFiltre Studio X
O43 - CFD:Common File Directory ----D- C:\Programme\QuickTime Alternative
O43 - CFD:Common File Directory ----D- C:\Programme\Radio Fr Solo
O43 - CFD:Common File Directory ----D- C:\Programme\Raxco
O43 - CFD:Common File Directory ----D- C:\Programme\Real Alternative
O43 - CFD:Common File Directory ----D- C:\Programme\RealDrawPRO4
O43 - CFD:Common File Directory ----D- C:\Programme\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Programme\Ripp-it_AM
O43 - CFD:Common File Directory ----D- C:\Programme\Shareaza
O43 - CFD:Common File Directory R---D- C:\Programme\Skype
O43 - CFD:Common File Directory ----D- C:\Programme\Spybot
O43 - CFD:Common File Directory ----D- C:\Programme\Stardock
O43 - CFD:Common File Directory ----D- C:\Programme\Subtitle Workshop
O43 - CFD:Common File Directory ----D- C:\Programme\Symantec
O43 - CFD:Common File Directory ----D- C:\Programme\T-DSL Manager
O43 - CFD:Common File Directory ----D- C:\Programme\TimeAdjuster
O43 - CFD:Common File Directory ----D- C:\Programme\TomTom DesktopSuite
O43 - CFD:Common File Directory ----D- C:\Programme\TomTom HOME 2
O43 - CFD:Common File Directory ----D- C:\Programme\TomTom International B.V
O43 - CFD:Common File Directory ----D- C:\Programme\Torrent Harvester
O43 - CFD:Common File Directory ----D- C:\Programme\TuneUp Utilities 2009
O43 - CFD:Common File Directory ----D- C:\Programme\Ultra MKV Converter
O43 - CFD:Common File Directory ----D- C:\Programme\UltraISO
O43 - CFD:Common File Directory ----D- C:\Programme\Uniblue
O43 - CFD:Common File Directory --H-D- C:\Programme\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Programme\Unlocker
O43 - CFD:Common File Directory ----D- C:\Programme\uTorrent
O43 - CFD:Common File Directory ----D- C:\Programme\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Programme\vso
O43 - CFD:Common File Directory ----D- C:\Programme\Winamp
O43 - CFD:Common File Directory ----D- C:\Programme\Windows Installer Clean Up
O43 - CFD:Common File Directory ----D- C:\Programme\Windows Live
O43 - CFD:Common File Directory ----D- C:\Programme\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Programme\Windows Media Components
O43 - CFD:Common File Directory ----D- C:\Programme\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Programme\Windows NT
O43 - CFD:Common File Directory ----D- C:\Programme\Windows Plus
O43 - CFD:Common File Directory --H-D- C:\Programme\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Programme\xerox
O43 - CFD:Common File Directory ----D- C:\Programme\XviD
O43 - CFD:Common File Directory ----D- C:\Programme\Your Uninstaller 2008
O43 - CFD:Common File Directory ----D- C:\Programme\ZHPDiag

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.06D0EC2916B14458999DA2F832E35AAE] - 01/02/2010 - 18:27:07 ---A- C:\WINDOWS\System32\d3d9caps.dat
O44 - LFC:[MD5.00000000000000000000000000000000] - 01/02/2010 - 18:18:53 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/02/2010 - 18:17:26 ---A- C:\WINDOWS\0.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 01/02/2010 - 18:17:19 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:[MD5.00000000000000000000000000000000] - 01/02/2010 - 18:17:18 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01/02/2010 - 18:17:00 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:[MD5.00000000000000000000000000000000] - 01/02/2010 - 18:16:08 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:[MD5.0B4E52C31D92CBB2DF609652976C54E5] - 31/01/2010 - 18:10:50 -SHA- C:\WINDOWS\Thumbs.db
O44 - LFC:[MD5.857969D92C384045FD60F985C540C56F] - 31/01/2010 - 11:27:00 RSH-- C:\boot.ini
O44 - LFC:[MD5.0B0BDBC1F06201EBCE20C0CE36776558] - 31/01/2010 - 08:53:53 -SHA- C:\WINDOWS\System32\Thumbs.db
O44 - LFC:[MD5.E4CA8E81753A256C6FC112B16F996994] - 30/01/2010 - 11:58:49 ---A- C:\WINDOWS\ChssBase.ini
O44 - LFC:[MD5.5BDA9D6C94805F67CC9B29EC0EEC2032] - 28/01/2010 - 19:20:52 ---A- C:\WINDOWS\system.ini
O44 - LFC:[MD5.445876D952036C3E18F37F7C72CBEE83] - 28/01/2010 - 19:20:52 ---A- C:\WINDOWS\win.ini
O44 - LFC:[MD5.B427962BDB196D132AF50F6C7B78380D] - 28/01/2010 - 18:58:08 ---A- C:\WINDOWS\System32\javaw.exe
O44 - LFC:[MD5.C8824405C4E358A2FE4D97C83101079A] - 28/01/2010 - 18:58:08 ---A- C:\WINDOWS\System32\javaws.exe
O44 - LFC:[MD5.E0BBCEC12A1DE6E25C612AD205B719B4] - 28/01/2010 - 18:58:07 ---A- C:\WINDOWS\System32\deploytk.dll
O44 - LFC:[MD5.AD3A2226B72F6E161425254276670117] - 28/01/2010 - 18:58:07 ---A- C:\WINDOWS\System32\java.exe
O44 - LFC:[MD5.A430C07A2B0D09DADB6AE1DA5FDE9071] - 28/01/2010 - 18:58:07 ---A- C:\WINDOWS\System32\javacpl.cpl
O44 - LFC:[MD5.4FA47C3A0E50C6E061CB3F5A28E81D35] - 28/01/2010 - 18:32:58 ---A- C:\WINDOWS\System32\imon1.dat
O44 - LFC:[MD5.6CD9C2502E14C3EC98803DDAB5DB7123] - 27/01/2010 - 19:41:14 ---A- C:\WINDOWS\System32\cejsnzzx
O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 27/01/2010 - 17:37:47 ---A- C:\WINDOWS\Radio_Fr.ini
O44 - LFC:[MD5.4CE91CEDF6EC0F5FDFF2B6E2DB4E520A] - 27/01/2010 - 05:35:27 ---A- C:\WINDOWS\NeroDigital.ini
O44 - LFC:[MD5.8EEA3EEA1CB0AAB5102C32B13FE3A92E] - 24/01/2010 - 18:57:42 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:[MD5.B7CC86FDB5A23F886113F3E87AAB5EC6] - 10/01/2010 - 10:11:20 ---A- C:\WINDOWS\Muxman.ini
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:[MD5.DD55E145AC32470F215C23EAB884F7A5] - 06/01/2010 - 11:06:54 ---A- C:\WINDOWS\wininit.ini
O44 - LFC:[MD5.EFFDAA3AAA43C7F3E9AA6FBD635E952E] - 06/01/2010 - 08:56:45 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:[MD5.AF97AC13B0356C1A6F7D4BBF3B08C6F7] - 06/01/2010 - 07:46:45 -SHA- C:\WINDOWS\System32\KGyGaAvL.sys
O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 06/01/2010 - 06:35:16 --HA- C:\WINDOWS\QTFont.qfn
O44 - LFC:[MD5.45C5335729E7785DB828575FDD086AB5] - 04/01/2010 - 18:07:03 ---A- C:\WINDOWS\MyDrivers.ini

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
O47 - AAKE:Key Export SP - "C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe"="C:\Programme\uTorrent\webui_v0.310_beta_2\utorrent.exe:*:Enabled:µTorrent"
O47 - AAKE:Key Export SP - "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
O47 - AAKE:Key Export SP - "C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
O47 - AAKE:Key Export SP - "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
O47 - AAKE:Key Export SP - "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"
O47 - AAKE:Key Export DP - "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
guy-pierre

Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Posted by guy-pierre » 01 Feb 2010 19:00

Sorry, I had to split this report in two. Here is the second half:

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{8fdf410d-4c6b-11d9-9fd4-806d6172696f}\Shell\AutoRun\command - hh start.chm

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.voxacm160"="vct3216.acm"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo"="vfwwdm32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lameacm"="LameACM.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.divxa32"="DivXa32.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.MPG4"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.MP42"="mpg4c32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.DIVX"="DivX.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Logitech Microphone"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Aufnahmetreiber für WDM-Video For Windows (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"vct3216.acm"="Voxware Compression Toolkit"
O52 - TDSD:HKLM\...\drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivXa32.acm"="DivX ;-) Audio Compressor 4.02"
O52 - TDSD:HKLM\...\drivers.desc\"mpg4c32.dll"="Microsoft MPEG-4 Video Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"DivX.dll"="DivX 6.6.1 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"mciavi32.dll"="(MCI) Microsoft Video for Windows"
O52 - TDSD:HKLM\...\drivers.desc\"mcicda.dll"="(MCI) CD Audio"
O52 - TDSD:HKLM\...\drivers.desc\"mciseq.dll"="(MCI) Midi Sequencer"
O52 - TDSD:HKLM\...\drivers.desc\"mciwave.dll"="(MCI) Sound"
O52 - TDSD:HKLM\...\drivers.desc\"mciqtz32.dll"="mciqtz32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"midimap.dll"="MIDI Mapper"
O52 - TDSD:HKLM\...\drivers.desc\"imaadp32.acm"="IMA ADPCM Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msadp32.acm"="Microsoft ADPCM Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech(TM) Audio CODEC"
O52 - TDSD:HKLM\...\drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc."
O52 - TDSD:HKLM\...\drivers.desc\"msh263.drv"="msh263.drv"
O52 - TDSD:HKLM\...\drivers.desc\"iyuv_32.dll"="iyuv_32.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msrle32.dll"="Microsoft RLE Codec"
O52 - TDSD:HKLM\...\drivers.desc\"msvidc32.dll"="Microsoft Video 1"
O52 - TDSD:HKLM\...\drivers.desc\"msyuv.dll"="msyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"tsbyuv.dll"="tsbyuv.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msacm32.drv"="Microsoft Audio Compression Manager"
O52 - TDSD:HKLM\...\drivers.desc\"msg723.acm"="msg723.acm"
O52 - TDSD:HKLM\...\drivers.desc\"msh261.drv"="msh261.drv"
O52 - TDSD:HKLM\...\drivers.desc\"yv12vfw.dll"="yv12vfw.dll"

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\key - SOFTWARE\Microsoft\Windows\CurrentVersion\Run
O53 - SMSR:HKLM\...\startupreg\item -
O53 - SMSR:HKLM\...\startupreg\hkey - HKLM
O53 - SMSR:HKLM\...\startupreg\command -
O53 - SMSR:HKLM\...\startupreg\inimapping - 0

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoInternetIcon"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.009927DB8019C54477DABF6F9D795053] - 10/08/2004 - 13:00:00 ---A- C:\WINDOWS\system32\drivers\1394bus.sys

---\\ Alternate Data Stream File (ADS) (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\:svchost
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Thumbs.db:encryptable

---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: ZHPDiag 1.24
O63 - Logiciel: RSIT


End of the scan: 993 lines
guy-pierre
 
Posts: 26
Joined: 29 Jan 2010 16:07

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 01 Feb 2010 19:49

Hi again,

Now these reports tell us a bit more :supers:
Let's check one thing:

Download LOP S&D, created by Eric71

  • Double-click it to start the installation.
  • Double-click the shortcut on your Desktop.
  • Select the language you want, then choose Option 1 (Search).
  • Wait until the scan has finished.
  • Post the generated report, which is also saved at C:\lopR.txt

If your Desktop does not reappear:

    - Press CTRL+ALT+DEL to open the Task Manager.
    - Click "File" at the top left.
    - Choose "New Task" (Run...)
    - Type "explorer" and confirm.
    - This will bring your Desktop back.

See you,
Knowledge is only useful if it is passed on.
Florinator
Maître Libellulien
 
Posts: 661
Joined: 28 Dec 2009 16:19

Re: Unwanted pop-up windows with FF v. 3.6

Post by guy-pierre » 01 Feb 2010 20:37

Here is the report:
when I clicked the link to download the software, a new tab with an advertising page opened :( . I don't know if I'm going to get out of this...

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.40GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : guy ( Administrator )
BOOT : Normal boot
Antivirus : NOD32 Antivirus System 2.50 2.50 (Activated)
Firewall : COMODO Firewall Pro 2.3.035 (Activated)
C:\ (Local Disk) - NTFS - Total:213 Go (Free:165 Go)
D:\ (Local Disk) - FAT32 - Total:2 Go (Free:0 Go)
E:\ (Local Disk) - NTFS - Total:211 Go (Free:135 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (CD or DVD)
M:\ (CD or DVD)
N:\ (Local Disk) - NTFS - Total:17 Go (Free:17 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 01/02/2010|20:25 )

--------------------\\ Listing des dossiers dans ANWEND~1

[06/12/2004|10:22] C:\DOKUME~1\ADMINI~1\ANWEND~1\Apple Computer
[05/12/2004|15:45] C:\DOKUME~1\ADMINI~1\ANWEND~1\Identities
[06/12/2004|11:31] C:\DOKUME~1\ADMINI~1\ANWEND~1\Microsoft
[06/12/2004|10:32] C:\DOKUME~1\ADMINI~1\ANWEND~1\Sonic
[06/12/2004|09:44] C:\DOKUME~1\ADMINI~1\ANWEND~1\Symantec
[0|Datei(en)] C:\DOKUME~1\ADMINI~1\ANWEND~1\Bytes
[7|Verzeichnis(se),] C:\DOKUME~1\ADMINI~1\ANWEND~1\Bytes frei

[08/09/2009|06:51] C:\DOKUME~1\ALLUSE~1\ANWEND~1\{55A29068-F2CE-456C-9148-C869879E2357}
[28/11/2006|17:56] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Ahead
[07/11/2006|15:40] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Apple Computer
[07/09/2007|19:28] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Comodo
[27/06/2007|11:48] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Corel
[27/01/2010|05:00] C:\DOKUME~1\ALLUSE~1\ANWEND~1\DVD Shrink
[15/09/2007|06:18] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Grisoft
[15/01/2007|21:50] C:\DOKUME~1\ALLUSE~1\ANWEND~1\InstallShield
[06/11/2009|18:17] C:\DOKUME~1\ALLUSE~1\ANWEND~1\LogMeIn
[11/10/2009|09:44] C:\DOKUME~1\ALLUSE~1\ANWEND~1\MAGIX
[20/09/2009|05:26] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Malwarebytes
[24/01/2010|07:47] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Microsoft
[06/09/2007|06:53] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Nero
[28/01/2010|18:38] C:\DOKUME~1\ALLUSE~1\ANWEND~1\NOS
[06/11/2006|10:02] C:\DOKUME~1\ALLUSE~1\ANWEND~1\nView_Profiles
[23/01/2010|06:31] C:\DOKUME~1\ALLUSE~1\ANWEND~1\PACE Anti-Piracy
[12/12/2009|07:23] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Raxco
[06/09/2009|06:07] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Skype
[19/03/2008|19:40] C:\DOKUME~1\ALLUSE~1\ANWEND~1\SlySoft
[01/02/2010|13:14] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Spybot - Search & Destroy
[28/01/2010|18:58] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Sun
[04/11/2006|10:23] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Symantec
[29/03/2007|04:51] C:\DOKUME~1\ALLUSE~1\ANWEND~1\T-DSL Manager
[01/02/2010|17:36] C:\DOKUME~1\ALLUSE~1\ANWEND~1\TEMP
[24/01/2010|10:28] C:\DOKUME~1\ALLUSE~1\ANWEND~1\TomTom
[23/02/2008|11:12] C:\DOKUME~1\ALLUSE~1\ANWEND~1\TuneUp Software
[06/11/2006|13:40] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Windows Genuine Advantage
[02/04/2008|22:46] C:\DOKUME~1\ALLUSE~1\ANWEND~1\WLInstaller
[0|Datei(en)] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Bytes
[30|Verzeichnis(se),] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Bytes frei

[06/12/2004|10:22] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Apple Computer
[05/12/2004|15:45] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Identities
[06/12/2004|11:31] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Microsoft
[06/12/2004|10:32] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Sonic
[06/12/2004|09:44] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Symantec
[0|Datei(en)] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Bytes
[7|Verzeichnis(se),] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Bytes frei

[29/01/2010|05:14] C:\DOKUME~1\GUYMON~1\ANWEND~1\Adobe
[18/11/2007|10:31] C:\DOKUME~1\GUYMON~1\ANWEND~1\Ahead
[06/12/2004|10:22] C:\DOKUME~1\GUYMON~1\ANWEND~1\Apple Computer
[17/11/2006|07:28] C:\DOKUME~1\GUYMON~1\ANWEND~1\ChessBase
[05/01/2008|16:22] C:\DOKUME~1\GUYMON~1\ANWEND~1\Comodo
[06/01/2010|07:47] C:\DOKUME~1\GUYMON~1\ANWEND~1\Corel
[28/09/2008|13:37] C:\DOKUME~1\GUYMON~1\ANWEND~1\DivX
[31/01/2010|20:05] C:\DOKUME~1\GUYMON~1\ANWEND~1\dvdcss
[23/01/2010|06:34] C:\DOKUME~1\GUYMON~1\ANWEND~1\DxO Labs
[31/10/2009|09:11] C:\DOKUME~1\GUYMON~1\ANWEND~1\EAST Technologies
[06/01/2010|16:04] C:\DOKUME~1\GUYMON~1\ANWEND~1\FastStone
[29/03/2009|17:58] C:\DOKUME~1\GUYMON~1\ANWEND~1\FFRend
[07/01/2007|11:23] C:\DOKUME~1\GUYMON~1\ANWEND~1\Help
[28/08/2009|16:24] C:\DOKUME~1\GUYMON~1\ANWEND~1\Identities
[15/10/2007|17:52] C:\DOKUME~1\GUYMON~1\ANWEND~1\InstallShield
[06/11/2006|12:36] C:\DOKUME~1\GUYMON~1\ANWEND~1\Leadertech
[08/04/2009|04:47] C:\DOKUME~1\GUYMON~1\ANWEND~1\LEAPS
[04/11/2006|10:10] C:\DOKUME~1\GUYMON~1\ANWEND~1\Macromedia
[20/09/2009|05:26] C:\DOKUME~1\GUYMON~1\ANWEND~1\Malwarebytes
[05/11/2006|09:18] C:\DOKUME~1\GUYMON~1\ANWEND~1\Media Player Classic
[27/10/2007|05:54] C:\DOKUME~1\GUYMON~1\ANWEND~1\Micro Application
[12/12/2009|11:17] C:\DOKUME~1\GUYMON~1\ANWEND~1\Microsoft
[11/10/2009|15:24] C:\DOKUME~1\GUYMON~1\ANWEND~1\Mozilla
[27/10/2009|21:00] C:\DOKUME~1\GUYMON~1\ANWEND~1\MyPhoneExplorer
[23/01/2010|06:31] C:\DOKUME~1\GUYMON~1\ANWEND~1\PACE Anti-Piracy
[18/08/2009|10:23] C:\DOKUME~1\GUYMON~1\ANWEND~1\Panasonic
[08/04/2009|04:01] C:\DOKUME~1\GUYMON~1\ANWEND~1\Pegasys Inc
[07/11/2006|11:52] C:\DOKUME~1\GUYMON~1\ANWEND~1\PgcEdit
[11/10/2009|15:23] C:\DOKUME~1\GUYMON~1\ANWEND~1\Photodex
[28/08/2009|16:25] C:\DOKUME~1\GUYMON~1\ANWEND~1\PhotoFiltre Studio X
[29/01/2010|14:35] C:\DOKUME~1\GUYMON~1\ANWEND~1\QuickScan
[27/01/2010|18:11] C:\DOKUME~1\GUYMON~1\ANWEND~1\Real
[04/07/2008|15:40] C:\DOKUME~1\GUYMON~1\ANWEND~1\RipIt4Me
[10/02/2008|09:02] C:\DOKUME~1\GUYMON~1\ANWEND~1\Shareaza
[01/02/2010|20:25] C:\DOKUME~1\GUYMON~1\ANWEND~1\Skype
[01/02/2010|18:23] C:\DOKUME~1\GUYMON~1\ANWEND~1\skypePM
[26/11/2007|18:16] C:\DOKUME~1\GUYMON~1\ANWEND~1\Sonic
[05/11/2006|15:54] C:\DOKUME~1\GUYMON~1\ANWEND~1\Sun
[06/12/2004|09:44] C:\DOKUME~1\GUYMON~1\ANWEND~1\Symantec
[04/11/2006|15:38] C:\DOKUME~1\GUYMON~1\ANWEND~1\Talkback
[29/07/2007|08:54] C:\DOKUME~1\GUYMON~1\ANWEND~1\T-DSL Manager
[04/11/2006|18:58] C:\DOKUME~1\GUYMON~1\ANWEND~1\T-DSL SpeedManager
[27/07/2007|09:51] C:\DOKUME~1\GUYMON~1\ANWEND~1\Teleca
[04/11/2006|15:38] C:\DOKUME~1\GUYMON~1\ANWEND~1\Thunderbird
[24/01/2010|10:27] C:\DOKUME~1\GUYMON~1\ANWEND~1\TomTom
[06/11/2006|11:00] C:\DOKUME~1\GUYMON~1\ANWEND~1\TuneUp Software
[02/12/2009|21:01] C:\DOKUME~1\GUYMON~1\ANWEND~1\Uniblue
[13/08/2008|09:40] C:\DOKUME~1\GUYMON~1\ANWEND~1\URSoft
[01/02/2010|20:25] C:\DOKUME~1\GUYMON~1\ANWEND~1\uTorrent
[05/12/2009|18:00] C:\DOKUME~1\GUYMON~1\ANWEND~1\vlc
[20/12/2008|08:31] C:\DOKUME~1\GUYMON~1\ANWEND~1\Vso
[08/09/2007|20:04] C:\DOKUME~1\GUYMON~1\ANWEND~1\XnView
[0|Datei(en)] C:\DOKUME~1\GUYMON~1\ANWEND~1\Bytes
[54|Verzeichnis(se),] C:\DOKUME~1\GUYMON~1\ANWEND~1\Bytes frei

[27/01/2010|19:31] C:\DOKUME~1\LOCALS~1\ANWEND~1\Adobe
[11/09/2009|04:33] C:\DOKUME~1\LOCALS~1\ANWEND~1\DivX
[04/01/2008|17:50] C:\DOKUME~1\LOCALS~1\ANWEND~1\EAST Technologies
[05/12/2004|15:44] C:\DOKUME~1\LOCALS~1\ANWEND~1\Microsoft
[0|Datei(en)] C:\DOKUME~1\LOCALS~1\ANWEND~1\Bytes
[6|Verzeichnis(se),] C:\DOKUME~1\LOCALS~1\ANWEND~1\Bytes frei

[06/12/2004|10:22] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Apple Computer
[06/12/2004|10:29] C:\DOKUME~1\LOGMEI~1\ANWEND~1\CyberLink
[05/12/2004|15:45] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Identities
[06/12/2004|11:31] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Microsoft
[06/12/2004|10:32] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Sonic
[06/12/2004|09:44] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Symantec
[0|Datei(en)] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Bytes
[8|Verzeichnis(se),] C:\DOKUME~1\LOGMEI~1\ANWEND~1\Bytes frei

[27/01/2010|20:33] C:\DOKUME~1\NETWOR~1\ANWEND~1\Adobe
[05/12/2004|15:47] C:\DOKUME~1\NETWOR~1\ANWEND~1\Microsoft
[0|Datei(en)] C:\DOKUME~1\NETWOR~1\ANWEND~1\Bytes
[4|Verzeichnis(se),] C:\DOKUME~1\NETWOR~1\ANWEND~1\Bytes frei

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[01/02/2010 20:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[01/02/2010 18:17][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Programme

[07/10/2009|22:16] C:\Programme\7-Zip
[07/10/2009|22:22] C:\Programme\AC3Filter
[04/10/2007|06:45] C:\Programme\Ant Movie Catalog
[07/10/2009|21:54] C:\Programme\Autoplay Repair
[07/01/2007|10:27] C:\Programme\AVICalc2
[07/01/2007|12:41] C:\Programme\AVIcodec
[07/10/2009|22:22] C:\Programme\AviSynth 2.5
[26/01/2010|17:49] C:\Programme\Blu-ray to DVD Pro
[24/11/2009|05:00] C:\Programme\CCleaner
[07/10/2009|22:22] C:\Programme\cdrLabel 7.1
[24/02/2007|08:37] C:\Programme\ChessBase
[27/06/2007|05:40] C:\Programme\Cinema Craft Encoder SP v2.67.00.27
[05/01/2008|16:16] C:\Programme\Comodo
[07/11/2006|10:03] C:\Programme\CutePDF Writer
[31/01/2010|07:01] C:\Programme\DivX
[07/11/2006|11:31] C:\Programme\DVD Decrypter
[07/11/2006|11:06] C:\Programme\DVD Shrink
[11/10/2009|16:11] C:\Programme\DVD slideshow GUI
[07/11/2006|12:35] C:\Programme\DVDate
[18/12/2009|06:19] C:\Programme\DVDlabPro2
[07/10/2009|22:22] C:\Programme\DVD-RB PRO
[06/04/2009|22:00] C:\Programme\DVDStyler
[23/01/2010|13:31] C:\Programme\DxO Labs
[31/10/2009|09:59] C:\Programme\East-Tec Eraser 2009
[05/11/2006|09:29] C:\Programme\Easy Internet signup
[10/11/2006|18:35] C:\Programme\Elaborate Bytes
[29/08/2008|07:30] C:\Programme\Empty Temp Folders 2.8.3
[07/10/2009|05:22] C:\Programme\Eset
[06/01/2010|16:20] C:\Programme\FastStone Image Viewer
[28/01/2010|18:58] C:\Programme\Gemeinsame Dateien
[29/08/2008|07:34] C:\Programme\GPLGS
[17/10/2007|06:30] C:\Programme\Grisoft
[08/11/2006|07:13] C:\Programme\GSpot
[06/12/2004|11:16] C:\Programme\HighMAT CD Writing Wizard
[04/11/2006|09:11] C:\Programme\HP
[30/10/2009|04:49] C:\Programme\InstallShield Installation Information
[06/12/2004|06:20] C:\Programme\Intel
[10/10/2009|03:20] C:\Programme\Internet Explorer
[06/12/2004|10:22] C:\Programme\iPod
[28/01/2010|19:07] C:\Programme\Java
[22/01/2007|07:19] C:\Programme\Jufsoft
[06/12/2009|15:47] C:\Programme\jv16 PowerTools 2009
[04/11/2006|16:20] C:\Programme\LedPC Application
[15/10/2007|17:43] C:\Programme\Logitech
[01/02/2010|05:57] C:\Programme\LogMeIn
[01/02/2010|18:08] C:\Programme\Malwarebytes' Anti-Malware
[20/10/2009|17:04] C:\Programme\Media Player Classic
[05/11/2006|16:52] C:\Programme\MediaInfo
[27/10/2007|05:37] C:\Programme\Micro Application
[12/09/2009|05:15] C:\Programme\Microsoft
[05/12/2004|15:45] C:\Programme\microsoft frontpage
[24/01/2010|14:00] C:\Programme\Microsoft Office
[10/10/2009|03:20] C:\Programme\Movie Maker
[31/01/2010|07:35] C:\Programme\Mozilla Firefox
[01/02/2010|14:49] C:\Programme\Mozilla Thunderbird
[19/08/2009|16:02] C:\Programme\MSBuild
[24/01/2010|14:00] C:\Programme\MSECACHE
[05/12/2004|15:41] C:\Programme\MSN Gaming Zone
[16/03/2008|07:46] C:\Programme\MSXML 6.0
[06/02/2007|17:07] C:\Programme\Multi_Media
[28/10/2009|05:36] C:\Programme\MyPhoneExplorer
[07/09/2007|06:59] C:\Programme\Nero
[25/10/2009|09:27] C:\Programme\NetMeeting
[29/04/2009|20:41] C:\Programme\Online-Dienste
[10/10/2009|03:20] C:\Programme\Outlook Express
[20/12/2008|14:02] C:\Programme\Panda Security
[15/04/2009|19:35] C:\Programme\Pegasys Inc
[12/10/2009|22:11] C:\Programme\Photodex
[12/10/2009|19:55] C:\Programme\Photodex Presenter
[31/01/2010|17:20] C:\Programme\PhotoFiltre Studio X
[07/11/2006|15:42] C:\Programme\QuickTime Alternative
[27/01/2010|18:11] C:\Programme\Radio Fr Solo
[31/01/2010|17:20] C:\Programme\Raxco
[27/01/2010|18:05] C:\Programme\Real Alternative
[07/10/2009|05:23] C:\Programme\RealDrawPRO4
[05/02/2008|15:00] C:\Programme\Reference Assemblies
[27/10/2009|06:43] C:\Programme\Ripp-it_AM
[07/10/2009|22:22] C:\Programme\Shareaza
[06/09/2009|09:37] C:\Programme\Skype
[05/11/2009|18:24] C:\Programme\Spybot
[10/10/2009|08:31] C:\Programme\Stardock
[17/12/2006|09:37] C:\Programme\Subtitle Workshop
[07/10/2009|22:22] C:\Programme\Symantec
[29/03/2007|04:51] C:\Programme\T-DSL Manager
[05/01/2008|16:43] C:\Programme\TimeAdjuster
[24/01/2010|11:44] C:\Programme\TomTom DesktopSuite
[24/01/2010|10:26] C:\Programme\TomTom HOME 2
[24/01/2010|10:26] C:\Programme\TomTom International B.V
[09/09/2007|15:11] C:\Programme\Torrent Harvester
[08/09/2009|07:23] C:\Programme\TuneUp Utilities 2009
[26/10/2009|05:36] C:\Programme\Ultra MKV Converter
[05/12/2009|16:54] C:\Programme\UltraISO
[03/12/2009|05:13] C:\Programme\Uniblue
[05/12/2004|15:48] C:\Programme\Uninstall Information
[03/10/2009|09:49] C:\Programme\Unlocker
[18/10/2008|11:43] C:\Programme\uTorrent
[05/12/2009|18:29] C:\Programme\VideoLAN
[07/11/2006|12:08] C:\Programme\vso
[08/12/2009|21:46] C:\Programme\Winamp
[07/10/2009|21:54] C:\Programme\Windows Installer Clean Up
[12/09/2009|05:15] C:\Programme\Windows Live
[12/09/2009|05:15] C:\Programme\Windows Live SkyDrive
[06/11/2006|09:15] C:\Programme\Windows Media Components
[10/10/2009|03:20] C:\Programme\Windows Media Player
[10/10/2009|03:20] C:\Programme\Windows NT
[05/12/2004|15:41] C:\Programme\Windows Plus
[05/12/2004|15:43] C:\Programme\WindowsUpdate
[05/12/2004|15:45] C:\Programme\xerox
[07/10/2009|22:18] C:\Programme\XviD
[24/12/2008|10:20] C:\Programme\Your Uninstaller 2008
[01/02/2010|18:40] C:\Programme\ZHPDiag
[0|Datei(en)] C:\Programme\Bytes
[114|Verzeichnis(se),] C:\Programme\Bytes frei

--------------------\\ Listing des dossiers dans C:\Programme\Gemeinsame Dateien

[06/11/2006|12:57] C:\Programme\Gemeinsame Dateien\Acronis
[06/09/2007|06:54] C:\Programme\Gemeinsame Dateien\Ahead
[17/11/2006|07:12] C:\Programme\Gemeinsame Dateien\ChessBase
[06/11/2006|22:40] C:\Programme\Gemeinsame Dateien\Designer
[16/01/2007|23:56] C:\Programme\Gemeinsame Dateien\Dienste
[08/01/2009|23:23] C:\Programme\Gemeinsame Dateien\EZB Systems
[04/11/2006|09:11] C:\Programme\Gemeinsame Dateien\Hewlett-Packard
[04/11/2006|09:08] C:\Programme\Gemeinsame Dateien\HP
[15/01/2007|21:46] C:\Programme\Gemeinsame Dateien\InstallShield
[28/01/2010|18:58] C:\Programme\Gemeinsame Dateien\Java
[06/11/2006|09:17] C:\Programme\Gemeinsame Dateien\Logitech
[24/12/2008|11:49] C:\Programme\Gemeinsame Dateien\MAGIX Shared
[24/01/2010|14:00] C:\Programme\Gemeinsame Dateien\Microsoft Shared
[05/12/2004|15:43] C:\Programme\Gemeinsame Dateien\MSSoap
[18/10/2007|16:48] C:\Programme\Gemeinsame Dateien\NSV
[05/12/2004|15:37] C:\Programme\Gemeinsame Dateien\ODBC
[23/01/2010|06:31] C:\Programme\Gemeinsame Dateien\PACE Anti-Piracy
[06/01/2010|14:51] C:\Programme\Gemeinsame Dateien\PC Tools
[12/10/2009|17:51] C:\Programme\Gemeinsame Dateien\Remote Control Software Shared
[15/10/2007|17:51] C:\Programme\Gemeinsame Dateien\Remote Control USB Driver
[06/09/2009|06:07] C:\Programme\Gemeinsame Dateien\Skype
[05/12/2004|15:37] C:\Programme\Gemeinsame Dateien\SpeechEngines
[10/10/2009|04:13] C:\Programme\Gemeinsame Dateien\Stardock
[24/01/2010|07:47] C:\Programme\Gemeinsame Dateien\System
[29/03/2007|04:51] C:\Programme\Gemeinsame Dateien\T-COM
[12/09/2009|05:11] C:\Programme\Gemeinsame Dateien\Windows Live
[02/04/2008|22:56] C:\Programme\Gemeinsame Dateien\WindowsLiveInstaller
[0|Datei(en)] C:\Programme\Gemeinsame Dateien\Bytes
[29|Verzeichnis(se),] C:\Programme\Gemeinsame Dateien\Bytes frei

--------------------\\ Process

( 41 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Programme\Multi_Media
C:\Programme\Multi_Media\INSTALL.LOG

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-01 20:28:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 53

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..



[F:53][D:6]-> C:\DOKUME~1\GUYMON~1\LOKALE~1\Temp
[F:6][D:0]-> C:\DOKUME~1\GUYMON~1\Cookies
[F:10][D:4]-> C:\DOKUME~1\GUYMON~1\LOKALE~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 01/02/2010|20:29 - Option : [1]

--------------------\\ Fin du rapport a 20:29:39
guy-pierre

Re: Unwanted pop-up windows with FF v. 3.6

Post by Florinator » 02 Feb 2010 10:05

Hello Guy-pierre,

Let's first remove what is left; afterwards, tell me whether your pop-up is still there. It may be generated by Multi_media:


  • Copy the lines below:

O40 - ASIC: (no name) - {746D4559-98B4-5E0B-82D3-5BD1E9229B4E} - C:\WINDOWS\system32:svchost.exe
O43 - CFD:Common File Directory ----D- C:\Programme\Multi_Media
O44 - LFC:[MD5.6CD9C2502E14C3EC98803DDAB5DB7123] - 27/01/2010 - 19:41:14 ---A- C:\WINDOWS\System32\cejsnzzx

  • Open ZHPDiag, then click the [image] icon
  • Next, click the [image] icon to clear the report that was displayed
  • Then click [image] to paste the selection
  • Check that all the lines I asked you to copy (and only those) are in the window
  • Click "OK", which makes a square appear to the left of each line.
  • Click "Tous" (All), then "Nettoyer" (Clean).
    If you are asked to restart the computer to finish the cleanup, do it immediately.
  • Copy/paste the report into your next post.

Note: The report is also located at C:\Program Files\ZebHelpProcess\ZHPFixReport.txt

See you soon
Knowledge is only useful if it is passed on.
Florinator