
[Solved] "Gendarmerie" VIRUS: illicit activity uncovered

Tags:
  • Virus
  • Security
Last reply: in Security and viruses
19 March 2012 10:28:32

Hello, my computer is locked. I cannot boot into safe mode, safe mode with networking, or safe mode with command prompt.
Please tell me the steps to follow to remove this virus.


19 March 2012 12:34:01

My computer runs Windows XP. I have gone through the forums but I can't see how to do it, I can't manage it, and I don't want to format and lose everything. Thanks
20 March 2012 19:14:53

Here is the scan

OTL logfile created on: 3/20/2012 6:25:02 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 80.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20.00 Gb Total Space | 1.03 Gb Free Space | 5.16% Space Free | Partition Type: NTFS
Drive D: | 445.75 Gb Total Space | 394.39 Gb Free Space | 88.48% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2012/02/26 19:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/08/31 16:53:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 10:34:41 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/29 12:23:30 | 000,665,656 | ---- | M] (Orange) [Auto] -- C:\Program Files\Controle Parental\bin\optproxy.exe -- (OPTENET_FILTER)
SRV - [2007/12/17 18:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/10/31 12:37:50 | 000,237,032 | ---- | M] (XIMETA, Inc.) [Auto] -- C:\Program Files\NDAS\System\ndassvc.exe -- (ndassvc)
SRV - [2007/01/11 18:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/08/31 16:53:46 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/31 16:53:46 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/21 11:25:52 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/11/23 13:25:45 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/06/17 10:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 10:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/22 11:37:50 | 005,082,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/04/22 09:46:42 | 003,482,112 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/02/08 18:42:42 | 000,099,968 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hxctlflt.sys -- (hxctlflt)
DRV - [2008/11/12 04:58:38 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/08/05 08:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/07/31 22:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/31 22:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/10/31 12:37:54 | 000,187,240 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndasscsi.sys -- (ndasscsi)
DRV - [2007/10/31 12:37:52 | 000,372,584 | ---- | M] (XIMETA, Inc.) [File_System | System] -- C:\WINDOWS\system32\drivers\ndasfat.sys -- (ndasfat)
DRV - [2007/10/31 12:37:50 | 000,254,440 | ---- | M] (XIMETA, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\lfsfilt.sys -- (lfsfilt)
DRV - [2007/10/31 12:37:50 | 000,075,752 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndasbus.sys -- (ndasbus)
DRV - [2007/10/31 12:37:50 | 000,062,056 | ---- | M] (XIMETA, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\lpx.sys -- (lpx)
DRV - [2007/10/18 18:29:36 | 000,014,848 | ---- | M] (Copyright (C) Listan GmbH & Co.KG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\systormflb.sys -- (systormflb)
DRV - [2007/04/16 10:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/01/25 11:45:02 | 000,006,784 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\whfltr2k.sys -- (whfltr2k)
DRV - [2006/01/04 03:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/09/29 13:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/10 10:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/08/10 08:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005/05/16 09:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004/08/12 22:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\didier_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
IE - HKU\didier_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\didier_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\searchweb\tbunse2BA.tmp\tbhelper.dll ()
IE - HKU\didier_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\didier_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.fr"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: OrangeVideo@orange.fr:1.2.1.12788
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..extensions.enabledItems: widestream6@spointer.com:4.0.1938.5
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=108988&babsrc=adbartrp&mn..."
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\didier\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2012/01/08 07:35:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/17 15:49:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/15 04:13:07 | 000,000,000 | ---D | M]

[2010/10/10 12:17:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\didier\Application Data\Mozilla\Extensions
[2012/02/09 05:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\didier\Application Data\Mozilla\Firefox\Profiles\zh72o0ps.default\extensions
[2012/02/09 05:10:02 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\didier\Application Data\Mozilla\Firefox\Profiles\zh72o0ps.default\extensions\ffxtlbr@babylon.com
[2011/06/13 14:13:05 | 000,000,000 | ---D | M] (Orange Vidéo) -- C:\Documents and Settings\didier\Application Data\Mozilla\Firefox\Profiles\zh72o0ps.default\extensions\OrangeVideo@orange.fr
[2012/02/03 12:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/02/17 15:49:12 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/10 00:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/29 10:07:26 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/02/09 05:09:56 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/01/29 09:55:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/29 10:07:26 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/01/29 10:07:26 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/01/29 10:07:26 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/01/29 10:07:26 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2001/08/28 10:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-299284128b91} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (TBSB02609 Class) - {C0924543-15FD-4F3D-889C-0B4562A9CB45} - C:\Program Files\searchweb\tbunse2BA.tmp\tbcore3.dll ()
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Documents and Settings\didier\Application Data\Media Finder\Extensions\gencrawler_gc.dll ()
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (searchweb) - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - C:\Program Files\searchweb\tbunse2BA.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\didier_ON_C\..\Toolbar\ShellBrowser: (searchweb) - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - C:\Program Files\searchweb\tbunse2BA.tmp\tbcore3.dll ()
O3 - HKU\didier_ON_C\..\Toolbar\WebBrowser: (searchweb) - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - C:\Program Files\searchweb\tbunse2BA.tmp\tbcore3.dll ()
O3 - HKU\didier_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [OPTENET_GUI] C:\Program Files\Controle Parental\bin\OPTGui.exe (Orange)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\0.2793349546436993h7i.exe ()
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKLM..\Run: [XtrCtrlExEmotion] C:\Program Files\Hercules\Dualpix Emotion\XtrCtrlEx.exe (Guillemot Corporation S.A.)
O4 - HKU\.DEFAULT..\RunOnce: [LSD_III] C:\WINDOWS\LSD\end.cmd ()
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [LSD_III] C:\WINDOWS\LSD\end.cmd ()
O4 - HKU\LocalService_ON_C..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\RunOnce: [LSD_III] C:\WINDOWS\LSD\end.cmd ()
O4 - HKU\NetworkService_ON_C..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NDAS Device Management.lnk = C:\Program Files\NDAS\System\ndasmgmt.exe (XIMETA, Inc.)
O4 - Startup: C:\Documents and Settings\didier\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\didier_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\didier_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\didier_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\didier_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - C:\Program Files\searchweb\tbunse2BA.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - C:\Program Files\searchweb\tbunse2BA.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Controle Parental\bin\lsp.dll (Optenet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-wind... (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-wind... (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-wind... (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/30 05:09:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found




ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msaudio1 - msaud32.acm File not found
Drivers32: msacm.sl_anet - sl_anet.acm File not found
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2012/03/17 16:33:48 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012/03/17 09:43:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
[2012/03/17 09:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/17 09:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/16 19:10:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\didier\Recent
[2012/03/15 08:00:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Aladdin
[2012/03/15 04:12:48 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2012/03/15 04:12:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/03/12 04:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\PulsPlayer
[2012/03/04 14:33:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\POP3Profiles
[2012/03/04 14:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Ubisoft
[2012/03/04 13:23:45 | 000,140,488 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comdlg32.ocx
[2012/03/04 13:23:45 | 000,115,016 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSINET.OCX
[2012/03/04 13:23:45 | 000,089,360 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2012/03/04 13:23:45 | 000,026,096 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlinst.exe
[2012/03/04 13:21:48 | 000,000,000 | ---D | C] -- C:\Program Files\UBISOFT
[2011/02/21 09:08:28 | 000,184,320 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2011/02/21 09:08:28 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/20 05:32:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/20 05:31:15 | 000,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012/03/17 09:50:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/17 09:48:45 | 000,168,448 | ---- | M] () -- C:\WINDOWS\System32\0.2793349546436993h7i.exe
[2012/03/17 09:43:14 | 000,001,586 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2012/03/17 09:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
[2012/03/16 16:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Aladdin
[2012/03/15 07:46:18 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
[2012/03/15 04:13:07 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2012/03/15 04:13:07 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2012/03/14 17:50:03 | 000,118,200 | ---- | M] () -- C:\Documents and Settings\didier\Bureau\Autres courriers entrants 1.pdf
[2012/03/14 17:50:02 | 000,004,952 | ---- | M] () -- C:\Documents and Settings\didier\Bureau\ATT00030.jpg
[2012/03/14 08:09:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/14 03:15:08 | 000,013,415 | ---- | M] () -- C:\Documents and Settings\didier\Bureau\courier caf 2.odt
[2012/03/12 04:36:33 | 000,000,754 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\PulsPlayer.lnk
[2012/03/04 14:33:21 | 000,001,876 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Prince of Persia T2T.lnk
[2012/03/04 14:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Ubisoft
[2012/03/04 14:01:30 | 000,002,074 | ---- | M] () -- C:\Documents and Settings\didier\Bureau\Ubisoft Product Registration.lnk
[2012/02/28 16:04:31 | 000,218,058 | ---- | M] () -- C:\Documents and Settings\didier\Bureau\40 ans ALEX.pdf
[2012/02/28 13:30:19 | 000,019,345 | ---- | M] () -- C:\Documents and Settings\didier\Bureau\cv did 2012.odt
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/17 09:48:49 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\0.2793349546436993h7i.exe
[2012/03/17 09:43:14 | 000,001,586 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk
[2012/03/15 04:13:07 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2012/03/15 04:13:07 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2012/03/14 17:50:03 | 000,118,200 | ---- | C] () -- C:\Documents and Settings\didier\Bureau\Autres courriers entrants 1.pdf
[2012/03/14 17:50:02 | 000,004,952 | ---- | C] () -- C:\Documents and Settings\didier\Bureau\ATT00030.jpg
[2012/03/14 03:15:08 | 000,013,415 | ---- | C] () -- C:\Documents and Settings\didier\Bureau\courier caf 2.odt
[2012/03/12 04:36:33 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\PulsPlayer.lnk
[2012/03/04 14:33:21 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Prince of Persia T2T.lnk
[2012/03/04 14:01:30 | 000,002,074 | ---- | C] () -- C:\Documents and Settings\didier\Bureau\Ubisoft Product Registration.lnk
[2012/03/04 13:23:45 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2012/03/04 13:23:45 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2012/03/04 13:23:45 | 000,035,840 | R--- | C] () -- C:\WINDOWS\System32\comdlg32.oca
[2012/03/04 13:23:45 | 000,029,184 | R--- | C] () -- C:\WINDOWS\System32\MSINET.oca
[2012/02/28 16:04:31 | 000,218,058 | ---- | C] () -- C:\Documents and Settings\didier\Bureau\40 ans ALEX.pdf
[2012/01/22 13:22:25 | 000,004,436 | ---- | C] () -- C:\WINDOWS\jxqn-sh24.ini
[2011/07/25 04:26:55 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DcmLtbox-WS.ini
[2011/02/21 16:17:54 | 000,230,912 | ---- | C] () -- C:\WINDOWS\OptChecker.exe
[2011/02/21 13:44:45 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\didier\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/21 09:08:28 | 003,482,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2011/02/21 09:08:28 | 000,027,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2011/02/21 09:08:28 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2011/01/09 08:54:37 | 000,018,604 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/08 11:24:05 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/11/03 11:48:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/28 09:53:54 | 000,139,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/10/28 09:53:54 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\didier\Application Data\PnkBstrK.sys
[2010/10/28 09:12:34 | 000,183,152 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/10/28 09:12:34 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/10/28 09:12:33 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010/10/10 12:16:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/19 06:18:06 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010/09/01 07:38:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/06/21 03:17:08 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/06/21 03:17:08 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/06/21 03:17:08 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/06/21 03:17:08 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/06/21 03:17:08 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/06/21 03:17:08 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/06/21 03:17:08 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/06/21 03:17:08 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/06/21 03:17:08 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/06/21 03:17:08 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/06/21 03:17:08 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/06/21 03:17:08 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/06/21 03:17:08 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/06/21 03:17:08 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/06/21 03:17:08 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/06/21 03:17:08 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/06/21 03:17:08 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/06/21 03:17:08 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/06/21 03:17:08 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/03/31 04:43:31 | 000,000,022 | ---- | C] () -- C:\WINDOWS\FightBoard.INI
[2010/03/31 02:24:41 | 000,004,984 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2010/03/31 02:16:37 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010/03/31 02:16:31 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010/03/31 02:16:28 | 000,017,628 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010/03/31 02:16:28 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010/03/30 07:03:46 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/03/30 07:02:52 | 000,136,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/30 05:12:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/03/30 05:09:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\Calendar.dll
[2010/03/30 05:09:46 | 000,069,632 | ---- | C] () -- C:\WINDOWS\LC.dll
[2010/03/30 05:09:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\LClock.exe
[2010/03/30 05:09:46 | 000,004,336 | ---- | C] () -- C:\WINDOWS\LClock.ini
[2010/03/30 05:09:46 | 000,003,166 | ---- | C] () -- C:\WINDOWS\Calendar.ini
[2010/03/30 05:09:46 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2010/03/30 05:09:46 | 000,000,002 | ---- | C] () -- C:\WINDOWS\Events.ini
[2010/03/30 05:07:49 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/07/14 14:54:00 | 001,597,690 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/04/13 20:03:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/04/13 20:03:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/04/13 20:03:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/04/13 20:03:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/04/13 20:03:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/04/13 20:03:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/04/13 20:03:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/04/13 20:03:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/10/07 03:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007/01/25 11:45:02 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys
[2004/08/19 12:23:26 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/19 12:09:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/02 10:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/17 07:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/28 10:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/28 10:00:00 | 000,467,620 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2001/08/28 10:00:00 | 000,400,624 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/28 10:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2001/08/28 10:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/28 10:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/28 10:00:00 | 000,075,696 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2001/08/28 10:00:00 | 000,062,286 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/28 10:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/28 10:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2001/08/28 10:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/28 10:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/08/23 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2012/02/09 05:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\Babylon
[2011/02/21 11:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\DAEMON Tools Lite
[2010/11/14 08:30:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\DeepBurner
[2010/09/01 07:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\EPSON
[2010/11/14 10:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\InfraRecorder
[2011/02/21 12:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\Leadertech
[2012/02/09 05:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\Media Finder
[2010/06/09 07:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\OpenOffice.org
[2011/12/29 05:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\Toolbar4
[2012/01/08 07:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\didier\Application Data\widestream
[2012/02/09 05:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2011/02/21 11:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/01/10 14:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2012/01/10 14:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/06/21 03:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/03/04 14:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\POP3Profiles
[2010/06/21 03:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/05/26 15:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/21 03:20:32 | 000,000,242 | ---- | M] () -- C:\WINDOWS\Tasks\Epson Printer Software Downloader.job
[2012/01/30 15:47:06 | 000,000,980 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1844823847-839522115-1003Core.job

========== Purity Check ==========



========== Custom Scans ==========


Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

Invalid Environment Variable: %APPDATA%\*.

Invalid Environment Variable: %APPDATA%\*.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AEC.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:aec.sys
[2004/08/03 16:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=841F385C6CFAF66B58FBD898722BB4F0 -- C:\WINDOWS\system32\drivers\aec.sys

< MD5 for: AGP440.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ALG.EXE >
[2004/08/19 12:09:52 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=B43CC0F07752D456038CD0268E4D84E9 -- C:\WINDOWS\system32\alg.exe

< MD5 for: ATAPI.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004/08/03 18:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CSRSS.EXE >
[2004/08/19 12:09:52 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=6EDCA12F58A4513637AF2DEBB1629BC8 -- C:\WINDOWS\system32\csrss.exe

< MD5 for: CTFMON.EXE >
[2004/08/19 12:09:52 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=64E41E8FEE655B03E3F19DED21BA5118 -- C:\WINDOWS\system32\ctfmon.exe

< MD5 for: DISK.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Disk.sys
[2004/08/03 18:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2004/08/19 12:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2005/06/15 17:01:14 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=CC5B99AF6247175A151B0CC4E71C7F58 -- C:\WINDOWS\explorer.exe

< MD5 for: I8042PRT.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys
[2004/08/19 11:56:40 | 000,054,400 | ---- | M] (Microsoft Corporation) MD5=D1EFCBD693B5BA21314D06368C471070 -- C:\WINDOWS\system32\drivers\i8042prt.sys

< MD5 for: IASTOR.SYS >
[2004/04/20 07:13:30 | 000,472,960 | ---- | M] (Intel Corporation) MD5=C9F030A5E43AEDFABE0A39DF0A0DCBEB -- C:\Drivers\intel\iaStor.sys

< MD5 for: IMAPI.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:imapi.sys
[2004/08/03 19:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) MD5=F8AA320C6A0409C0380E5D8A99D76EC6 -- C:\WINDOWS\system32\drivers\imapi.sys

< MD5 for: INTELIDE.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:intelide.sys

< MD5 for: MOUNTMGR.SYS >
[2004/08/03 18:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) MD5=65653F3B4477F3C63E68A9659F85EE2E -- C:\WINDOWS\system32\drivers\mountmgr.sys

< MD5 for: MRXSMB.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:mrxsmb.sys
[2005/01/19 00:26:52 | 000,451,584 | ---- | M] (Microsoft Corporation) MD5=5DDC9A1B2EB5A4BF010CE8C019A18C1F -- C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
[2005/01/19 00:26:52 | 000,451,584 | ---- | M] (Microsoft Corporation) MD5=5DDC9A1B2EB5A4BF010CE8C019A18C1F -- C:\WINDOWS\system32\drivers\mrxsmb.sys
[2005/01/18 23:51:57 | 000,451,584 | ---- | M] (Microsoft Corporation) MD5=7B195060FF456FA65954C72C5C1640FF -- C:\WINDOWS\$hf_mig$\KB885250\SP2QFE\mrxsmb.sys
[2004/10/27 21:15:16 | 000,448,128 | ---- | M] (Microsoft Corporation) MD5=A1BE3CB080DCC0A8270D21E3CA3B7005 -- C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys

< MD5 for: NDIS.SYS >
[2004/08/03 19:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004/08/19 12:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2005/02/11 14:11:02 | 000,089,856 | ---- | M] (NVIDIA Corporation) MD5=83F0275A21D9772B51CEF57E35AFAE61 -- C:\Drivers\nforce\NvAtaBus.sys

< MD5 for: NVGTS.SYS >
[2008/11/12 04:58:38 | 000,145,952 | R--- | M] (NVIDIA Corporation) MD5=75E2E77C5497F34E60491D27BF03F1CB -- C:\WINDOWS\system32\drivers\nvgts.sys

< MD5 for: RASACD.SYS >
[2001/08/28 10:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys

< MD5 for: RDPCDD.SYS >
[2001/08/28 10:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys

< MD5 for: REDBOOK.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:redbook.sys
[2004/08/19 11:54:52 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=2CC30B68DD62B73D444A41322CD7FC4C -- C:\WINDOWS\system32\drivers\redbook.sys

< MD5 for: SCECLI.DLL >
[2004/08/19 12:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2004/08/19 12:10:04 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=63DCDE1A0D86EEB8924D6738FF616EAD -- C:\WINDOWS\system32\services.exe

< MD5 for: SMSS.EXE >
[2004/08/19 12:10:04 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=70A9BCEA4D3B3B4773F9A871F5FEEF57 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SPOOLSV.EXE >
[2004/08/19 12:10:04 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DF9FC62AD51CB082B0AE371919A232CB -- C:\WINDOWS\system32\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2004/08/19 12:10:04 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=2979B03D5382A602623C0535B16AB9C0 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2005/06/28 12:56:53 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=77C0C5E7D6CFE2052B8CF28B8722F528 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: TERMDD.SYS >
[2004/08/19 12:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:termdd.sys
[2004/08/19 10:10:18 | 000,040,840 | ---- | M] (Microsoft Corporation) MD5=A540A99C281D933F3D69D55E48727F47 -- C:\WINDOWS\system32\drivers\termdd.sys

< MD5 for: USERINIT.EXE >
[2004/08/19 12:10:04 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VIASRAID.SYS >
[2003/10/31 08:22:38 | 000,077,312 | ---- | M] (VIA Technologies inc,.ltd) MD5=EBE101C01D80A42868F57B327BE1B564 -- C:\Drivers\via\viasraid.sys

< MD5 for: WIN32K.SYS >
[2005/03/02 14:13:08 | 001,836,416 | ---- | M] (Microsoft Corporation) MD5=7EC7E0B304C1D7F73E9B6C4977952220 -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\win32k.sys
[2005/03/02 14:07:53 | 001,836,416 | ---- | M] (Microsoft Corporation) MD5=8B39DEFB4843B15A3044FFA23332B299 -- C:\WINDOWS\system32\win32k.sys

< MD5 for: WINLOGON.EXE >
[2004/08/19 12:10:06 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM_ON_C\CurrentControlSet\Control\Session Manager\SubSystems /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2004/08/19 12:09:24 | 000,148,480 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2004/08/19 12:09:36 | 000,281,600 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2004/08/19 12:09:38 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2005/05/02 16:57:12 | 001,484,288 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shdocvw.dll
[2005/02/28 19:12:24 | 008,597,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010/03/30 07:02:14 | 000,090,112 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/03/30 07:02:14 | 000,643,072 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/03/30 07:02:14 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< CREATERESTOREPOINT >
< End of report >
20 March 2012 19:34:14

Hello

Reboot on Reatogo and run OTLPE again

  • In the Custom Scan box, copy and paste the contents of the box below

[making sure to start at :OTL, with the colon in front of OTL included, and this time click RUNFIX]

:OTL
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\0.2793349546436993h7i.exe ()
O7 - HKU\didier_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\didier_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

Once it has finished, the removal report is saved on your hard drive in C:\_OTL\ in the form date_time.txt.

==> Reboot normally into Windows and tell me whether it worked?
20 March 2012 20:53:47

Done, I rebooted and I no longer get the Gendarmerie page at startup. Should I do anything else?
20 March 2012 21:04:21

Oh yes indeed :D

Download RogueKiller (by tigzy) to your desktop
Close all running programs
Run RogueKiller.exe. On Vista and Seven, right-click the icon and run it as administrator.
Wait for the Prescan to finish ...
Click Suppression (Delete). Click Rapport (Report) and copy and paste the contents of the Notepad window


  • On this page for AdwCleaner by Xplode, click Télécharger (Download) and save the file to your desktop

  • Close all applications, including your browser

  • Relaunch AdwCleaner by double-clicking the AdwCleaner.exe icon to start the installation
    /!\ On Vista and Windows 7, the file must be run via right-click -> Run as administrator

  • In the main menu, click Suppression (Delete) and wait while the scan runs

  • When the scan finishes, an AdwCleaner.txt report opens. Post the contents of this report in your next reply
    The report is located at C:\AdwCleaner.txt

20 March 2012 21:33:24

Here are the 2 reports

RKiller report:

    RogueKiller V7.3.2 [20/03/2012] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Demarrage : Mode normal
    Utilisateur: didier [Droits d'admin]
    Mode: Suppression -- Date: 21/03/2012 01:21:43

    ¤¤¤ Processus malicieux: 0 ¤¤¤

    ¤¤¤ Entrees de registre: 4 ¤¤¤
    [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
    [HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
    [HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver: [CHARGE] ¤¤¤
    SSDT[25] : NtClose @ 0x805BAEAC -> HOOKED (Unknown @ 0xB877D79C)
    SSDT[41] : NtCreateKey @ 0x8062204E -> HOOKED (Unknown @ 0xB877D756)
    SSDT[50] : NtCreateSection @ 0x805A9DE6 -> HOOKED (Unknown @ 0xB877D7A6)
    SSDT[53] : NtCreateThread @ 0x805CF804 -> HOOKED (Unknown @ 0xB877D74C)
    SSDT[63] : NtDeleteKey @ 0x806224DE -> HOOKED (Unknown @ 0xB877D75B)
    SSDT[65] : NtDeleteValueKey @ 0x806226AE -> HOOKED (Unknown @ 0xB877D765)
    SSDT[68] : NtDuplicateObject @ 0x805BC888 -> HOOKED (Unknown @ 0xB877D797)
    SSDT[98] : NtLoadKey @ 0x80623D7E -> HOOKED (Unknown @ 0xB877D76A)
    SSDT[122] : NtOpenProcess @ 0x805C9C46 -> HOOKED (Unknown @ 0xB877D738)
    SSDT[128] : NtOpenThread @ 0x805C9ED2 -> HOOKED (Unknown @ 0xB877D73D)
    SSDT[193] : NtReplaceKey @ 0x80623C2E -> HOOKED (Unknown @ 0xB877D774)
    SSDT[204] : NtRestoreKey @ 0x80620456 -> HOOKED (Unknown @ 0xB877D76F)
    SSDT[213] : NtSetContextThread @ 0x805CFF3E -> HOOKED (Unknown @ 0xB877D7AB)
    SSDT[247] : NtSetValueKey @ 0x8062070E -> HOOKED (Unknown @ 0xB877D760)
    SSDT[257] : NtTerminateProcess @ 0x805D116E -> HOOKED (Unknown @ 0xB877D747)
    S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xB877D7B0)
    S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xB877D7B5)

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: SAMSUNG HD502HJ SCSI Disk Device +++++
    --- User ---
    [MBR] 0b6f0d5fe7916733d820b869af87188d
    [BSP] f43359408b88e045b8fb3291c449c733 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20481 Mo
    1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 41945715 | Size: 456448 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Termine : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt






AdwCleaner report:

    # AdwCleaner v1.502 - Rapport créé le 21/03/2012 à 01:27:16
    # Mis à jour le 17/03/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
    # Nom d'utilisateur : didier - KOSVOCORE
    # Exécuté depuis : C:\Documents and Settings\didier\Bureau\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\didier\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\didier\Application Data\Toolbar4
    Dossier Supprimé : C:\Documents and Settings\didier\Application Data\widestream
    Dossier Supprimé : C:\Documents and Settings\didier\Local Settings\Application Data\Babylon
    Dossier Supprimé : C:\Documents and Settings\didier\Local Settings\Application Data\widestream6 Air
    Dossier Supprimé : C:\Documents and Settings\didier\Mes documents\WideStream
    Dossier Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Widestream6
    Dossier Supprimé : C:\Program Files\Widestream6
    Dossier Supprimé : C:\Documents and Settings\didier\Application Data\Mozilla\Firefox\Profiles\zh72o0ps.default\extensions\ffxtlbr@babylon.com
    Fichier Supprimé : C:\Documents and Settings\All Users\Bureau\Widestream6.lnk
    Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

    ***** [H. Navipromo] *****


    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\TBSB02609
    Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.IEToolbar
    Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.IEToolbar.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.TBSB02609
    Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB02609.TBSB02609.3
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.TBSB02609
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.TBSB02609.1
    Clé Supprimée : HKCU\Software\WideStream
    Clé Supprimée : HKLM\SOFTWARE\Babylon
    Clé Supprimée : HKLM\SOFTWARE\widestream
    Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.Spointer
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.Spointer.4
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.SpointerAdProvider
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.SpointerAdProvider.4
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.SpointerBanner
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.SpointerBanner.4
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.SpointerCtrl
    Clé Supprimée : HKLM\SOFTWARE\Classes\Widestream6.SpointerWebDisp
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v6.0.2900.2180

    Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://webplayersearch.com/ --> hxxp://www.google.fr

    -\\ Mozilla Firefox v10.0.2 (fr)

    Profil : zh72o0ps.default
    Fichier : C:\Documents and Settings\didier\Application Data\Mozilla\Firefox\Profiles\zh72o0ps.default\prefs.js

    C:\Documents and Settings\didier\Application Data\Mozilla\Firefox\Profiles\zh72o0ps.default\user.js ... Supprimé !

    Supprimée : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
    Supprimée : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
    Supprimée : user_pref("browser.search.order.1", "Search the web (Babylon)");
    Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
    Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101067");
    Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "e41b3002000000000000002618a89f5f");
    Supprimée : user_pref("extensions.BabylonToolbar_i.id", "e41b3002000000000000002618a89f5f");
    Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15379");
    Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
    Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", false);
    Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
    Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
    Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1710:10:01");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
    Supprimée : user_pref("keyword.URL", "hxxp://search.babylon.com/?AF=108988&babsrc=adbartrp&mntrId=e41b3002000000[...]

    *************************

    AdwCleaner[S1].txt - [13199 octets] - [21/03/2012 01:27:16]

    ########## EOF - C:\AdwCleaner[S1].txt - [13328 octets] ##########
    21 March 2012 07:06:21

    Hello,
    Delete RogueKiller.

    Run adwcleaner.exe, located on your Desktop, again.
    (Vista/Windows 7 users: right-click the file -> Run as administrator)
    In the main window, choose the Uninstall option ("Désinstallation") and confirm with "Yes" ("Oui").
    Then delete the adwcleaner.exe file from your Desktop.

    Disable your antivirus.

    Download Kaspersky's TDSSKiller to your Desktop.

    Double-click TDSSKiller.exe to launch it (Windows Vista/7 users: right-click).

    Click Change parameters and tick Verify driver digital signatures and Detect TDLFS file system.

    Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.

    If a suspicious object is detected, the default action will be Skip; click Continue.

    If TDSS.tdl2 is detected, the Delete option will be ticked by default.

    If TDSS.tdl3 is detected, make sure Cure is ticked.

    If TDSS.tdl4 (MBR) is detected, make sure Cure is ticked.

    Click Continue, then Reboot computer, to restart the PC and finish the cleaning process.

    Note: if no Cure option is available, choose Skip instead; do not choose Delete unless instructed.

    Copy and paste the generated report into your next reply. (It is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time.)

    21 March 2012 09:53:18

    Here is the report

    09:39:22.0859 1680 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
    09:39:22.0984 1680 ============================================================
    09:39:22.0984 1680 Current date / time: 2012/03/21 09:39:22.0984
    09:39:22.0984 1680 SystemInfo:
    09:39:22.0984 1680
    09:39:22.0984 1680 OS Version: 5.1.2600 ServicePack: 2.0
    09:39:22.0984 1680 Product type: Workstation
    09:39:22.0984 1680 ComputerName: KOSVOCORE
    09:39:22.0984 1680 UserName: didier
    09:39:22.0984 1680 Windows directory: C:\WINDOWS
    09:39:22.0984 1680 System windows directory: C:\WINDOWS
    09:39:22.0984 1680 Processor architecture: Intel x86
    09:39:22.0984 1680 Number of processors: 2
    09:39:22.0984 1680 Page size: 0x1000
    09:39:22.0984 1680 Boot type: Normal boot
    09:39:22.0984 1680 ============================================================
    09:39:23.0375 1680 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
    09:39:23.0375 1680 \Device\Harddisk0\DR0:
    09:39:23.0375 1680 MBR used
    09:39:23.0375 1680 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2800A34
    09:39:23.0390 1680 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800AB2, BlocksNum 0x37B802CE
    09:39:23.0515 1680 Initialize success
    09:39:23.0515 1680 ============================================================
    09:40:25.0796 2264 ============================================================
    09:40:25.0796 2264 Scan started
    09:40:25.0796 2264 Mode: Manual; SigCheck; TDLFS;
    09:40:25.0796 2264 ============================================================
    09:42:07.0906 2264 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
    09:42:07.0906 2264 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
    09:42:07.0906 2264 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
    09:42:08.0531 2264 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
    09:42:08.0546 2264 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
    09:42:08.0546 2264 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
    09:42:09.0156 2264 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
    09:42:09.0203 2264 Sfloppy - ok
    09:42:09.0812 2264 sfsync02 (efebbc1d13fdb77a6af4eddfc7232edf) C:\WINDOWS\system32\drivers\sfsync02.sys
    09:42:09.0828 2264 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
    09:42:09.0828 2264 sfsync02 - detected UnsignedFile.Multi.Generic (1)
    09:42:10.0453 2264 sfvfs02 (9ef50060cc7e6953bab83f2a42ccc421) C:\WINDOWS\system32\drivers\sfvfs02.sys
    09:42:10.0468 2264 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
    09:42:10.0468 2264 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
    09:42:14.0343 2264 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
    09:42:14.0343 2264 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    09:42:14.0343 2264 sptd ( LockedFile.Multi.Generic ) - warning
    09:42:14.0359 2264 sptd - detected LockedFile.Multi.Generic (1)
    09:42:22.0687 2264 Tcpip (77c0c5e7d6cfe2052b8cf28b8722f528) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    09:42:22.0703 2264 Tcpip ( UnsignedFile.Multi.Generic ) - warning
    09:42:22.0703 2264 Tcpip - detected UnsignedFile.Multi.Generic (1)
    09:42:27.0890 2264 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
    09:42:27.0906 2264 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
    09:42:27.0906 2264 USBAAPL - detected UnsignedFile.Multi.Generic (1)
    09:42:39.0875 2264 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
    09:42:40.0078 2264 \Device\Harddisk0\DR0 - ok
    09:42:40.0078 2264 Boot (0x1200) (e9a334aa0958ae5e4b51976722d1fd7c) \Device\Harddisk0\DR0\Partition0
    09:42:40.0078 2264 \Device\Harddisk0\DR0\Partition0 - ok
    09:42:40.0078 2264 Boot (0x1200) (d6721d9b05ea618994785a986ffe71bc) \Device\Harddisk0\DR0\Partition1
    09:42:40.0078 2264 \Device\Harddisk0\DR0\Partition1 - ok
    09:42:40.0078 2264 ============================================================
    09:42:40.0078 2264 Scan finished
    09:42:40.0078 2264 ============================================================
    09:42:40.0218 2620 Detected object count: 7
    09:42:40.0218 2620 Actual detected object count: 7
    09:43:02.0312 2620 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:43:02.0312 2620 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:43:02.0312 2620 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:43:02.0312 2620 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:43:02.0312 2620 sptd ( LockedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    09:43:02.0312 2620 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:43:02.0312 2620 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
    09:43:02.0312 2620 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:43:52.0437 2632 ============================================================
    09:43:52.0437 2632 Scan started
    09:43:52.0437 2632 Mode: Manual; SigCheck; TDLFS;
    09:43:52.0437 2632 ============================================================
    09:46:03.0562 2632 ============================================================
    09:46:03.0562 2632 Scan finished
    09:46:03.0562 2632 ============================================================
    09:46:03.0562 1720 Detected object count: 7
    09:46:03.0562 1720 Actual detected object count: 7
    09:47:06.0234 1720 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:47:06.0234 1720 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:47:06.0234 1720 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:47:06.0234 1720 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:47:06.0234 1720 sptd ( LockedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    09:47:06.0234 1720 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:47:06.0234 1720 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
    09:47:06.0234 1720 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
    09:47:34.0468 2988 Deinitialize success
    21 March 2012 09:58:08

    OK

    Do this:

    If you already have it, skip the installation step and go straight to the update.

    Download Malwarebytes Anti-Malware to your Desktop.

    • Install it by double-clicking the file Download_mbam-setup.exe.
      Once the installation and the update are done:

    • Now run Malwarebytes Anti-Malware. If it is not already selected, select "Perform quick scan".
    • To start the search, click "Scan".
    • Once the scan has finished, a window opens; click OK. There are two possibilities:
    • If the program found nothing, press OK. A report will appear; close it.
    • If infections are present, click "Show Results",
      then "Remove Selected".

      Save the report to your Desktop.
    • Restart your computer normally and post the report in your next reply.

      NOTE: If Malwarebytes Anti-Malware needs to restart to finish the removal, accept by clicking OK.
    21 March 2012 11:52:02

    Report:

    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Version de la base de données: v2012.03.21.02

    Windows XP Service Pack 2 x86 NTFS
    Internet Explorer 6.0.2900.2180
    didier :: KOSVOCORE [administrateur]

    21/03/2012 11:46:14
    mbam-log-2012-03-21 (11-46-14).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 179075
    Temps écoulé: 2 minute(s), 41 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)


    However, I had already run a quick scan yesterday and it found 5 Trojan downloaders, which are in quarantine.
    Should I delete them all?
    21 March 2012 14:39:15

    Yes, empty MBAM's quarantine.

    How is your PC behaving?

    Download Delfix to your desktop.

    For XP: double-click the Delfix icon.
    For Vista and Seven: right-click the Delfix icon, then select 'Run as administrator'.
    Click the [Suppression] button.
    Post the report.
    21 March 2012 14:49:39

    Should I keep tdsskiller.exe?
    21 March 2012 14:57:44

    I see it has been deleted; the PC is running well for the moment.
    I'm planning to switch Windows to Win 7; would you have any advice on which version to get? And on a proper configuration to have on my PC, since I will have to reinstall everything.
    Otherwise, you're an absolute ace, a big thank you to you, and I'm going to give you some publicity... THANK YOUUUUUUUUUUUUUUUUUUUUUUUU

    Report:

    # DelFix v8.8 - Rapport créé le 21/03/2012 à 14:53:05
    # Mis à jour le 12/02/12 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 2 (32 bits)
    # Nom d'utilisateur : didier - KOSVOCORE (Administrateur)
    # Exécuté depuis : C:\Documents and Settings\didier\Bureau\delfix.exe
    # Option [Suppression]


    ~~~~~~ Dossiers(s) ~~~~~~

    Supprimé : C:\_OTL

    ~~~~~~ Fichier(s) ~~~~~~

    Supprimé : C:\TDSSKiller.2.7.20.0_21.03.2012_09.39.22_log.txt
    Supprimé : C:\Documents and Settings\didier\Bureau\tdsskiller.exe

    ~~~~~~ Registre ~~~~~~

    Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools

    ~~~~~~ Autres ~~~~~~

    -> Prefetch Vidé

    *************************

    DelFix[S1].txt - [682 octets] - [21/03/2012 14:53:05]

    ########## EOF - C:\DelFix[S1].txt - [805 octets] ##########
    21 March 2012 15:34:14

    :lol: 

    Quote:
    I'm planning to switch Windows to Win 7; would you have any advice on which version to get?

    A Windows 7 comparison:
    http://windows.microsoft.com/fr-FR/windows7/products/co...

    Quote:
    a proper configuration to have on my PC, since I will have to reinstall everything.

    As far as security goes, you need one and only one antivirus, and you pair Malwarebytes with it.
    You can use CCleaner with the Cleaner option; avoid using the Registry option, Windows 7 doesn't like people rummaging around in its registry.
    A handy program for uninstalling whatever is stubborn:
    http://hacking.interdit.free.fr/phpBB3/viewtopic.php?f=...

    Avoid anything that's a toolbar, it's junk.

    You can add [Solved] to the title. To do so:
    * In your first message, click the "Edit" button (at the bottom)
    * Then add "solved" next to your title and confirm.
    * Then click "Update"

    You can also, if you wish and if the option is available (it depends on the type of topic opened), mark a "best answer"; your topic will then automatically be marked as "solved".

    All that's left is for me to wish you a good rest of the day and happy surfing!!!

    21 March 2012 16:05:25

    OK, I'm deleting Delfix.
    22 March 2012 09:48:19

    I have Spybot too, should I keep it?
    22 March 2012 14:01:48

    Hello

    Spybot: remove it, it's useless (obsolete).
    22 March 2012 16:15:39

    OK, thanks. One odd thing though: since I did all this cleanup, I have a problem with iTunes, it no longer recognizes my iPhone.
    22 March 2012 20:14:11

    It's fine, I solved the problem... THANK YOU