Trop de processus svchost.exe Fermé

Question

Bonjour, 
je viens vers vous pour avoir quelques conseils!!
Ca fait plusieurs semaines que je ne peux plus me connecter à Gmail, que ma barre de recherche Google me renvoir l'erreur 404,que mon PC rame au démarrage...
Sur ce, j'ai essayer d'en savoir un peut + et j'ai vu que j'avais 83 processus en marche!!dont 9 svchost.exe??!!

HELP PLEESE!!!!!!!!!!!


Configuration: Windows XP / Firefox 6.0.1

antipolis a · Answer

Une fiche pratique CCM :
https://www.commentcamarche.net/faq/32-virus-que-faire-quand-on-est-infecte

flo4242 · Answer

Merci de ton lien!
J'ai fait plusieurs analyse en ligne mais la seule à m'avoir trouvé quelque chose est PANDA.
Voila ce qu'il me trouve!

Cookie/Apmebf Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\8i7a23j9.txt
 
 Cookie/Xiti Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\florent@xiti[1].txt
 
 Cookie/Mediapl... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\8a4tdd6a.txt
 
 Cookie/Serving... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\florent@bs.serving-sys[1].txt
 
 Cookie/Adtech Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\epc1jebs.txt
 
 Cookie/Smartad... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\err28hvw.txt
 
 Cookie/Serving... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\florent@serving-sys[1].txt
 
 Cookie/YieldMa... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\ogu417ed.txt
 
 Cookie/Weboram... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\wzqa1176.txt
 
 Generic Trojan Virus Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\application data\cleanhtm.dll
 
 Cookie/FastCli... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\qb2hp3g3.txt
 
 Cookie/Atlas D... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\florent@atdmt[2].txt
2. c:\documents and settings\florent\cookies\oe6xpoc1.txt
3. c:\documents and settings\florent\cookies\1dezmm5l.txt
 
 Cookie/RealMed... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\dzrqqoz7.txt
 
 Cookie/Doublec... Cookie de surveillance Latent(e) Masquer +Infos   
 1. c:\documents and settings\florent\cookies\808tutdm.txt
 


Maintenant que faut-il que je fasse?
Il me semble que les cookies sont facile à supprimer, non?
Et pour le Trojan, je n'est pas trouvé d'outils pour le supprimer!
Que dois-je faire?

jlpjlp · Answer

slt 

à lire : https://www.commentcamarche.net/informatique/windows/225-gerer-le-processus-svchost-exe-de-windows/ 

pour les cookies : on en a tous dès que l'on va sur le net! pour les supprimer il suffit de le faire via les options de son navigateur ou un logiciel comme ccleaner, ou glary utility 




maintenant pour voir si tu es infecté:  

1/ le pc à quoi comme problèmes actuellement ? 

2/ tu dis ceci: Et pour le Trojan, je n'est pas trouvé d'outils pour le supprimer! 

tu as un trojan dans ton pc? lequel? quels fichiers sont infectés? quel logiciel trouve l'infection? (mettre le rapport du logiciel le signalant si possible)

3/  
Télécharge ZHPDiag ( de Nicolas coolman ). 
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html 


(outil de diagnostic) 

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " ) 

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista ) 

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner. 

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau. 

Rend toi sur Cjoint : http://www.cijoint.fr/ 

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] " 

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau 

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

flo4242 · Answer

Alors :
1) - mon PC rame au démarrage, comme beaucoup
    - je ne peux plus me connecter à Gmail =>Erreur 404
    - je ne peux plux faire de recherche dans la barre Google en haut à droite => Erreur 404

2) Generic Trojan Virus Latent(e) Masquer +Infos
1. c:\documents and settings\florent\application data\cleanhtm.dll
C'est l'analyse en ligne de PANDA qui m' trouvé ça!!

3) J'ai installé ZHPDiag.
Je fais la recherche et c'est là que ça devient intéressant!
A la in de la recherche (100%), mon antivirus (Avira AntiVir) se met à biper! Il me dis qu'il a trouvé un virus dans C:\Documents and settings\ ... \cleanhtm.dll et que c'est un TR\Spy.Bozeep.A.1
Et à partir de ce moment, l'ordi bugg = tout se fige sauf la souris et impossible de faire quoique ce soit! J'ai donc éteint l'ordi avec le bouton marche/arrêt. j'ai recommencé la manip et paf, la même chose!

Que dois-je faire? Je coupe l'antivirus et relance ZHPDiag ou tu vois autre chose à faire??

jlpjlp · Answer

télécharge OTM
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
(de Old_Timer) sur ton Bureau.

double-clique sur OTM.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTM :Paste instruction for items to be moved.


:processes
explorer.exe
:Files
c:\documents and settings\florent\application data\cleanhtm.dll 
c:\documents and settings\florent\application data\cleanhtm.exe
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
cleanhtm =-
:commands
[purity]
[emptytemp]
[start explorer]


clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTM\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.




puis retente zhpdiag

si l'antivirus bloque , désactive le le temps de passer zhpdiag


a plus

flo4242 · Answer

Alors, j'ai pu tout faire SAUF le zhpdiag !!! ça fait pareil! ça bugg!
Voici le rapport OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
LoadLibrary failed for c:\documents and settings\florent\application data\cleanhtm.dll
c:\documents and settings\florent\application data\cleanhtm.dll moved successfully.
File/Folder c:\documents and settings\florent\application data\cleanhtm.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cleanhtm  not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: Florent
->Temp folder emptied: 2501525140 bytes
->Temporary Internet Files folder emptied: 97921003 bytes
->Java cache emptied: 818353 bytes
->FireFox cache emptied: 60186412 bytes
->Apple Safari cache emptied: 2068480 bytes
->Flash cache emptied: 1960990 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 167918879 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4086493 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 37908860 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34313 bytes
RecycleBin emptied: 67675949 bytes
 
Total Files Cleaned = 2 806,00 mb
 
 
OTM by OldTimer - Version 3.1.18.0 log created on 09072011_111238

Files moved on Reboot...

Registry entries deleted on Reboot...



Je suis désolé, mais je vais pas répondre de suite!!!
J'étais en Espagne (Andalousie) et je rentre en France demain! Et pendant 1 semaine je ne vais pas avoir Internet...
Mais j'espère te revoir après, parce que ton aide est précieuse!!
Merci!

jlpjlp · Answer

ok 

quel message d'erreur avec zhpdiag?


sinon à la place passe ceci


Télécharge OTL de OLDTimer ici :

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

et enregistre le sur ton Bureau.

Double clic sur OTL.exe pour le lancer.

Coche les 2 cases Lop et Purity

Coche la case devant "scan all users"

Clic sur Run Scan.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)


Pour me le transmettre clique sur ce lien :

http://www.cijoint.fr/

Clique sur Parcourir et cherche le fichier ci-dessus.

Clique sur Ouvrir.

Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

est ajouté dans la page.

Copie ce lien dans ta réponse.

flo4242 · Answer

Bonsoir!
Alors, je viens aux nouvelles!
Pour zhpdiag, y'a pas de message d'erreur! ça fait planter l'ordi, c'est tout!!
Pour le rapport OTL, le lien pour te poster le rapport ne marche pas, donc j'essai de te le coller ici!

OTL logfile created on: 13/09/2011 16:34:09 - Run 1
OTL by OldTimer - Version 3.2.28.0     Folder = C:\Documents and Settings\Florent\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1022,42 Mb Total Physical Memory | 539,41 Mb Available Physical Memory | 52,76% Memory free
2,40 Gb Paging File | 1,72 Gb Available in Paging File | 71,39% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92,97 Gb Total Space | 11,17 Gb Free Space | 12,02% Space Free | Partition Type: NTFS
 
Computer Name: PC-PORTABLE-FLO | User Name: Florent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/09/13 16:33:07 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Florent\Mes documents\Téléchargements\OTL.exe
PRC - [2011/09/07 19:00:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/03 14:44:37 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/07/19 08:21:20 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Updateealsched.exe
PRC - [2011/06/14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
PRC - [2011/06/08 14:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011/05/16 19:31:55 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/12/09 21:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/17 14:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/01/14 23:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/05/06 02:10:14 | 000,741,376 | ---- | M] (Edimax Technology Co., Ltd.) -- C:\Program Files\MFP Server\App\Common\MFPAgent.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/20 21:45:14 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\ServoApp.exe
PRC - [2005/07/19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005/06/08 15:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005/06/08 14:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe
PRC - [2005/05/17 13:28:14 | 000,184,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
PRC - [2005/05/17 09:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2005/04/28 20:08:34 | 000,675,840 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
PRC - [2005/04/20 15:56:58 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
PRC - [2005/04/12 15:24:20 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2005/04/11 16:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2005/04/05 16:25:34 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2005/03/08 15:27:50 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
PRC - [2005/01/21 10:28:10 | 000,266,240 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/01/21 10:27:58 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/01/17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/11/30 13:06:26 | 000,053,248 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
PRC - [2004/11/17 10:56:10 | 001,077,327 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
PRC - [2004/09/07 16:26:44 | 000,164,984 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
PRC - [2004/09/07 16:26:16 | 000,234,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
PRC - [2004/09/07 16:25:44 | 000,197,752 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
PRC - [2004/09/07 16:25:18 | 000,058,488 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
PRC - [2004/08/27 22:02:54 | 000,206,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
PRC - [2004/08/05 17:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
PRC - [2004/07/14 16:07:32 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/09/07 19:00:12 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/08/23 08:21:44 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/12/09 21:29:16 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/12/09 21:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/06/17 16:28:02 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll
MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007/05/20 21:45:14 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\ServoApp.exe
MOD - [2006/09/21 22:35:40 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ddschk.dll
MOD - [2005/04/25 11:51:32 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TPeculiarity.dll
MOD - [2005/04/20 15:59:06 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\TCtrlIO.dll
MOD - [2005/04/01 15:39:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\EKECioCtl.dll
MOD - [2005/04/01 15:39:14 | 000,024,576 | ---- | M] () -- C:\Program Files\TOSHIBA\TouchPad\TPECioctl.dll
MOD - [2005/04/01 15:37:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\EBLib.DLL
MOD - [2004/07/20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/09/03 14:44:37 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/05/16 19:31:55 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/11/04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/01/17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/09/07 16:26:44 | 000,164,984 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2004/09/07 16:26:26 | 000,078,968 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2004/09/07 16:26:16 | 000,234,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2004/09/07 16:25:44 | 000,197,752 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2004/08/31 17:48:44 | 000,066,688 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\Script Blocking\SBServ.exe -- (SBService)
SRV - [2004/08/31 17:46:44 | 000,176,768 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe -- (navapsvc)
SRV - [2004/08/31 02:29:46 | 000,078,992 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\ISSVC.exe -- (ISSVC)
SRV - [2004/08/27 22:02:54 | 000,206,048 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2004/08/05 17:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2004/07/23 19:47:22 | 000,197,864 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)
SRV - [2004/07/21 16:24:04 | 000,173,160 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/09/05 17:30:14 | 000,023,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2011/09/03 14:44:39 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/09/03 14:44:39 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/05/18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/05/18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/05/18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/05/18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/06/17 16:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 16:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/17 18:41:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/05/06 22:44:16 | 000,034,944 | ---- | M] (None) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mfpec.sys -- (ALIWEHCD)
DRV - [2006/10/20 03:57:12 | 000,010,240 | ---- | M] (None) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfpvbus.sys -- (WUSBVBus)
DRV - [2005/05/27 09:46:22 | 000,913,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2005/05/27 09:38:00 | 000,007,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/04/28 16:26:48 | 000,037,248 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2005/04/27 10:53:06 | 000,074,112 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2005/04/19 10:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/15 13:46:04 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/12 15:29:26 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/03/30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/24 16:36:54 | 000,008,192 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2005/03/22 23:00:58 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/03/09 09:14:34 | 000,008,704 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2005/03/08 20:33:26 | 000,098,560 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/03/04 11:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/13 10:04:18 | 000,057,984 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2005/01/06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers	osrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers	osrfusb.sys -- (Tosrfusb)
DRV - [2004/11/15 22:51:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2004/10/30 10:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel(R)
DRV - [2004/10/04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers	osrfcom.sys -- (Tosrfcom)
DRV - [2004/08/27 22:02:28 | 000,266,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2004/08/27 22:02:26 | 000,025,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2004/08/26 14:03:38 | 000,104,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2004/08/11 01:00:00 | 000,617,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20040811.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2004/08/11 01:00:00 | 000,068,168 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\VirusDefs\20040811.020\NAVENG.SYS -- (NAVENG)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2004/07/30 15:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2004/07/30 15:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2004/07/30 15:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SerTVOutCtlr)
DRV - [2004/07/23 19:47:24 | 000,049,808 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2004/07/23 19:47:22 | 000,335,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2004/07/21 16:24:02 | 000,341,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2004/07/08 17:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers	osrfbnp.sys -- (Tosrfbnp)
DRV - [2004/05/08 20:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-468584774-223955612-2840538225-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\S-1-5-21-468584774-223955612-2840538225-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.google.fr"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: unplug@compunach:2.047
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins
pitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper
povshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0
pwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program filesealealplayer\Netscape6
ppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program filesealealplayer\Netscape6
prjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins
prpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins
prphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program filesealealplayer\Netscape6
prpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR
ppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/19 08:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\Components: C:\Program Files\Mozilla Firefox\components [2011/09/07 19:00:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/19 08:22:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/07/22 18:28:34 | 000,000,000 | ---D | M]
 
[2010/02/27 21:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Extensions
[2011/09/13 16:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions
[2010/12/14 08:28:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/06 11:27:31 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/09/13 16:01:57 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/09/15 22:46:51 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions\personas@christopher(2).beard
[2010/09/15 22:46:52 | 000,000,000 | ---D | M] ("UnPlug") -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions\unplug@compunach(2)
[2010/10/23 19:35:07 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Florent\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\extensions\vshare@toolbar
[2011/06/09 19:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/09 19:43:11 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/06/13 17:03:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/07/19 08:22:28 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\DOCUMENTS AND SETTINGS\FLORENT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\HPZ0005S.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\FLORENT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\HPZ0005S.DEFAULT\EXTENSIONS\UNPLUG@COMPUNACH.XPI
[2010/06/13 17:03:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/07 19:00:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/06/13 17:03:35 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins
pdeployJava1.dll
[2011/06/07 12:38:52 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/06/07 12:38:52 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/06/07 12:38:52 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/06/07 12:38:53 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/06/07 12:38:53 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/06/07 12:38:53 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2011/07/08 09:53:22 | 000,000,919 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 67.205.118.179	www.google.com
O1 - Hosts: 67.205.118.180	search.yahoo.com
O1 - Hosts: 67.205.118.180	www.bing.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IEpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla	fswshx.dll (Sonic Solutions)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-468584774-223955612-2840538225-1006\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-468584774-223955612-2840538225-1006\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GDI Manager] C:\Program Files\MFP Server\App\Common\MFPAgent.exe (Edimax Technology Co., Ltd.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe (Symantec Corporation)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe -CheckAutoRun File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [Server Application] C:\WINDOWS\system32\ServoApp.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe (Symantec Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\program filesealealplayer\updateealsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: []  File not found
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-468584774-223955612-2840538225-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-468584774-223955612-2840538225-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{813E60AA-FBB1-49D2-8688-2AE499A87CC7}: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter	ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Florent\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Florent\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/23 13:16:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{61eeaa90-7532-11df-b7ea-0013cec0d134}\Shell - "" = AutoRun
O33 - MountPoints2\{61eeaa90-7532-11df-b7ea-0013cec0d134}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/09/07 11:12:38 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/09/06 22:45:27 | 000,000,000 | ---D | C] -- C:\ZHP
[2011/09/06 22:45:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[2011/09/06 22:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2011/09/06 13:33:54 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2011/09/06 13:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/09/06 11:27:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Florent\Application Data\QuickScan
[2011/09/05 17:28:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/09/03 12:17:22 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/27 14:54:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Florent\Bureau\A organiser-Clef USB
[4 C:\Documents and Settings\Florent\Bureau\*.tmp files -> C:\Documents and Settings\Florent\Bureau\*.tmp -> ]
[1 C:\Documents and Settings\Florent\Mes documents\*.tmp files -> C:\Documents and Settings\Florent\Mes documents\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/09/13 15:43:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS	asks\AppleSoftwareUpdate.job
[2011/09/13 15:39:45 | 000,000,282 | ---- | M] () -- C:\WINDOWS	asks\RealUpgradeLogonTaskS-1-5-21-468584774-223955612-2840538225-1006.job
[2011/09/13 15:39:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/13 15:39:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/13 15:39:25 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/06 22:45:07 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2011/09/06 22:45:07 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2011/09/06 22:45:07 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2011/09/06 22:19:32 | 000,000,290 | ---- | M] () -- C:\WINDOWS	asks\RealUpgradeScheduledTaskS-1-5-21-468584774-223955612-2840538225-1006.job
[2011/09/06 11:45:17 | 000,313,584 | ---- | M] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\census.cache
[2011/09/06 11:44:24 | 000,204,414 | ---- | M] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\ars.cache
[2011/09/06 11:25:46 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\housecall.guid.cache
[2011/09/05 17:30:14 | 000,023,624 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/09/05 12:30:59 | 007,200,273 | ---- | M] () -- C:\Documents and Settings\Florent\Bureau\diabète.obésité.europe.pdf
[2011/09/05 12:00:04 | 000,338,174 | ---- | M] () -- C:\Documents and Settings\Florent\Bureau\superaliments.png
[2011/09/05 11:44:39 | 000,076,161 | ---- | M] () -- C:\Documents and Settings\Florent\Bureau\infog-maillot-om-third-big2.jpg
[2011/09/05 10:12:07 | 003,436,932 | ---- | M] () -- C:\Documents and Settings\Florent\Bureau\David Guetta feat Flo Rida _ Nicki Minaj - Where Them Girls At - Lyrics video.mp3
[2011/09/03 14:44:39 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/09/03 14:44:39 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/08/28 11:44:59 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/27 15:44:03 | 000,001,788 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nokia Ovi Suite.lnk
[2011/08/25 18:16:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/08/23 08:21:46 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/08/21 11:50:09 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[4 C:\Documents and Settings\Florent\Bureau\*.tmp files -> C:\Documents and Settings\Florent\Bureau\*.tmp -> ]
[1 C:\Documents and Settings\Florent\Mes documents\*.tmp files -> C:\Documents and Settings\Florent\Mes documents\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/09/06 22:45:07 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2011/09/06 22:45:07 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2011/09/06 22:45:07 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2011/09/06 11:45:17 | 000,313,584 | ---- | C] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\census.cache
[2011/09/06 11:44:24 | 000,204,414 | ---- | C] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\ars.cache
[2011/09/06 11:25:46 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\housecall.guid.cache
[2011/09/05 17:30:14 | 000,023,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/09/05 12:30:59 | 007,200,273 | ---- | C] () -- C:\Documents and Settings\Florent\Bureau\diabète.obésité.europe.pdf
[2011/09/05 12:00:03 | 000,338,174 | ---- | C] () -- C:\Documents and Settings\Florent\Bureau\superaliments.png
[2011/09/05 11:44:38 | 000,076,161 | ---- | C] () -- C:\Documents and Settings\Florent\Bureau\infog-maillot-om-third-big2.jpg
[2011/09/05 10:11:54 | 003,436,932 | ---- | C] () -- C:\Documents and Settings\Florent\Bureau\David Guetta feat Flo Rida _ Nicki Minaj - Where Them Girls At - Lyrics video.mp3
[2011/08/16 09:11:23 | 734,281,728 | ---- | C] () -- C:\Documents and Settings\Florent\Bureau\CARS.2.avi
[2011/08/15 00:00:55 | 690,908,185 | ---- | C] () -- C:\Documents and Settings\Florent\Bureau\RIO.avi
[2011/08/02 11:54:41 | 000,038,492 | ---- | C] () -- C:\Documents and Settings\Florent\Application Data\Valeurs séparées par une virgule (Windows).ADR
[2011/06/07 19:44:25 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2011/06/07 19:44:06 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/06/05 16:41:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2011/03/14 22:08:08 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/02/11 16:06:17 | 000,320,992 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/11/20 18:23:45 | 000,000,022 | ---- | C] () -- C:\WINDOWS\sevens.ini
[2010/11/20 17:36:49 | 000,000,051 | ---- | C] () -- C:\WINDOWS\Bbt97.INI
[2010/10/31 13:49:33 | 000,177,968 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2010/10/31 13:49:33 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2010/09/28 16:18:36 | 000,051,100 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/06/04 13:48:57 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/03/14 20:46:02 | 000,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2010/03/02 20:46:29 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/01 23:00:15 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/03/01 23:00:15 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/03/01 23:00:15 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/03/01 23:00:15 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/03/01 23:00:15 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/03/01 23:00:15 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/03/01 23:00:15 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/03/01 23:00:15 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/03/01 23:00:15 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/03/01 23:00:15 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/03/01 23:00:15 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/03/01 23:00:15 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/03/01 23:00:15 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/03/01 23:00:15 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/03/01 23:00:15 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/03/01 23:00:15 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/03/01 23:00:15 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/03/01 23:00:15 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/03/01 23:00:15 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/03/01 22:59:22 | 000,008,133 | ---- | C] () -- C:\WINDOWS\System32\MFPScript.ini
[2010/03/01 22:59:20 | 000,417,792 | ---- | C] () -- C:\WINDOWS\System32\ServoApp.exe
[2010/03/01 22:59:20 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ddschk.dll
[2010/03/01 22:59:20 | 000,000,548 | ---- | C] () -- C:\WINDOWS\System32\cliktext.ini
[2010/03/01 22:59:19 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\mfpcoins.dll
[2010/03/01 22:56:07 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE SX400DEFGIPSDaFiNoSv.ini
[2010/02/27 21:35:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS
sreg.dat
[2010/02/27 17:54:09 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Florent\Local Settings\Application Data\fusioncache.dat
[2005/10/21 00:58:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\vspxvfw.dll
[2005/09/01 16:20:46 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\vspxcore.dll
[2005/05/24 09:22:33 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/24 09:16:32 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2005/05/24 09:16:15 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini
[2005/05/24 08:54:24 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/24 07:55:33 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/05/24 07:49:56 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/24 07:49:56 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/24 07:49:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/24 07:49:56 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/24 07:49:56 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/24 07:49:56 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/23 16:33:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/05/23 16:24:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2005/05/23 16:21:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS	osOBEX.INI
[2005/05/23 16:00:36 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/05/23 16:00:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/05/23 16:00:36 | 000,010,177 | ---- | C] () -- C:\WINDOWS\System32	osmreg.ini
[2005/05/23 16:00:36 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/05/23 15:54:07 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/05/23 15:54:07 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/05/23 15:34:33 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/05/23 15:34:33 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/05/23 15:34:33 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxhweq.dat
[2005/05/23 15:34:33 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxeq.dat
[2005/05/23 15:31:16 | 000,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2005/05/23 15:09:34 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/23 15:08:44 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/05/23 14:37:42 | 000,081,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/23 13:19:32 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/05/23 13:18:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/23 13:14:08 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/05/23 13:03:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2005/05/23 13:03:18 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/23 13:03:17 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe
[2005/05/23 13:03:06 | 000,586,466 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2005/05/23 13:03:06 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2005/05/23 13:03:06 | 000,108,084 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2005/05/23 13:03:06 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2005/05/23 13:02:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/05/23 13:02:49 | 000,512,946 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/05/23 13:02:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/05/23 13:02:49 | 000,091,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/05/23 13:02:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/05/23 13:02:47 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/05/23 13:02:47 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/05/23 13:02:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32
oise.dat
[2005/05/23 13:02:41 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/05/23 13:02:41 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/05/23 13:02:35 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/05/23 13:02:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/04/25 11:51:32 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005/04/20 15:59:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/04/01 15:39:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2005/04/01 15:37:54 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2005/04/01 15:37:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll
[2005/02/28 15:28:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/02 15:20:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/09/22 10:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/07/29 15:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/06/04 13:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010/04/17 18:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/03/01 22:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/09/05 17:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/08/27 15:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/02/11 14:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaMusic
[2011/02/11 14:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/11/18 20:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/01 23:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/09/28 16:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2005/05/23 16:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data	oshiba
[2010/12/29 12:36:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Broad Intelligence
[2010/06/04 13:49:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Canneverbe Limited
[2010/04/17 18:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\DAEMON Tools Lite
[2010/03/18 17:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\InterVideo
[2011/07/22 19:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Nokia
[2011/07/22 19:31:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Nokia Ovi Suite
[2011/06/07 17:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Notepad++
[2010/12/29 12:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\OpenCandy
[2011/07/22 18:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\PC Suite
[2011/06/23 19:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\PhotoFiltre
[2011/09/06 11:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\QuickScan
[2010/09/15 22:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data	oshiba
[2010/12/29 12:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Uniblue
[2011/07/08 13:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Florent\Application Data\Windows Search
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

jlpjlp · Answer

il manque la fin du rapport


sinon tu as antivir et norton antivirus?

flo4242 · Answer

salut!

je viens de revoir le rapport et je t'ai tout envoyé, y'a rien de +!

Oui, j'ai Antivir comme antivirus et Norton, il était installé par défaut sur l'ordi mais je l'ai pas désinstallé!

jlpjlp · Answer

il faut absolument desinstaller norton . Sinon le pc risque de ramer et planter. Ensuite dis nous comment va le pc . Je regarde le rapport ce soir

flo4242 · Answer

salut,
le PC va comme d'hab, lent au démarrage et après ça peut aller sauf que pour Internet, je ne peux toujours pas faire de recherche dans la barre Google!
Et toi, t'as trouvé quelques choses?

jlpjlp · Answer

désactive le tea timer de spybot

puis

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)


double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

flo4242 · Answer

Et bin je suis désolé mais encore une fois, ça bloque tout!
Je l'ai lancé comme demandé mais après avoir écrit le petit message comme quoi ça pouvait prendre 10 minutes, ça coince!

jlpjlp · Answer

colle un rapport avec tdsskiller:


    Téléchargez TDSSKiller sur votre bureau


https://support.kaspersky.com/downloads/utils/tdsskiller.zip

    Créez un nouveau dossier sur votre bureau puis décompressez l'archive dedans
    Lancez le programme en cliquant sur TDSSKiller.exe, l'analyse se fait automatiquement, si l'infection est détectée, des éléments cachés (= hidden) seront alors affichés.


Cochez les et cliquez sur "Delete/Repair Selected".

    Un message peut ensuite apparaitre demandant de redémarrer le pc (reboot)pour finir le nettoyage. taper "Y" pour redémarrer le PC ("close all programs and choose Y to restart").



Informations complémentaires sur cet outil :
https://support.kaspersky.com/5350

flo4242 · Answer

Et autre chose, dans la journée, mon ordi a détecté un virus dans Mozilla/Firefox/.../Cache/CACHE 001...
J'ai donc supprimé ce truc et je pensai que c'était bon MAIS en faisant passer des photos par clé USB à ma soeur, son ordi lui a détecté le même problème!!!

flo4242 · Answer

voila le rapport!!

2011/09/19 22:43:29.0921 2120	TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/19 22:43:31.0921 2120	================================================================================
2011/09/19 22:43:31.0921 2120	SystemInfo:
2011/09/19 22:43:31.0921 2120	
2011/09/19 22:43:31.0921 2120	OS Version: 5.1.2600 ServicePack: 3.0
2011/09/19 22:43:31.0921 2120	Product type: Workstation
2011/09/19 22:43:31.0921 2120	ComputerName: PC-PORTABLE-FLO
2011/09/19 22:43:31.0921 2120	UserName: Florent
2011/09/19 22:43:31.0921 2120	Windows directory: C:\WINDOWS
2011/09/19 22:43:31.0921 2120	System windows directory: C:\WINDOWS
2011/09/19 22:43:31.0921 2120	Processor architecture: Intel x86
2011/09/19 22:43:31.0921 2120	Number of processors: 1
2011/09/19 22:43:31.0921 2120	Page size: 0x1000
2011/09/19 22:43:31.0921 2120	Boot type: Normal boot
2011/09/19 22:43:31.0921 2120	================================================================================
2011/09/19 22:43:34.0062 2120	Initialize success
2011/09/19 22:43:39.0859 2156	================================================================================
2011/09/19 22:43:39.0859 2156	Scan started
2011/09/19 22:43:39.0859 2156	Mode: Manual; 
2011/09/19 22:43:39.0859 2156	================================================================================
2011/09/19 22:43:41.0843 2156	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/19 22:43:41.0921 2156	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/19 22:43:41.0968 2156	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/19 22:43:42.0078 2156	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/19 22:43:42.0218 2156	AgereSoftModem  (029e01cb2938bec5af31bf47b6af0159) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/09/19 22:43:42.0531 2156	ALCXWDM         (95aa37bec6c72c277c2caeaee736dd2d) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/09/19 22:43:42.0750 2156	ApfiltrService  (3ed81e8b4709d13e5a38db2d8e792b28) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
2011/09/19 22:43:42.0843 2156	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/19 22:43:43.0000 2156	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/19 22:43:43.0062 2156	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/19 22:43:43.0203 2156	ati2mtag        (2fbdfec8cd60cec3d55e615865333033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/19 22:43:43.0328 2156	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/19 22:43:43.0421 2156	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/19 22:43:43.0546 2156	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/09/19 22:43:43.0718 2156	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/09/19 22:43:43.0781 2156	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/09/19 22:43:43.0875 2156	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/19 22:43:43.0953 2156	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/19 22:43:44.0062 2156	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/19 22:43:44.0156 2156	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/19 22:43:44.0234 2156	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/19 22:43:44.0281 2156	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/19 22:43:44.0453 2156	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/19 22:43:44.0609 2156	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/19 22:43:44.0796 2156	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/19 22:43:44.0859 2156	dmboot          (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/19 22:43:44.0937 2156	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/19 22:43:45.0031 2156	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/19 22:43:45.0093 2156	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/19 22:43:45.0140 2156	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/19 22:43:45.0218 2156	drvmcdb         (f41619ae216b51d68dda163805eefaa9) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/09/19 22:43:45.0265 2156	drvnddm         (2ff629c1c443e25d0149b9dfb77e43a8) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/09/19 22:43:45.0328 2156	EMSCR           (d3d0ef132eb8f7351e0f6e8072e26331) C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
2011/09/19 22:43:45.0390 2156	ESDCR           (fcf25b9eb1876dbb3efe13baf37b7bf8) C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
2011/09/19 22:43:45.0468 2156	ESMCR           (7cec9e3a81142ea0294f2abba0b0a846) C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
2011/09/19 22:43:45.0640 2156	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/19 22:43:45.0734 2156	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/19 22:43:45.0812 2156	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/19 22:43:45.0890 2156	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/19 22:43:45.0968 2156	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/19 22:43:46.0031 2156	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/19 22:43:46.0125 2156	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/19 22:43:46.0171 2156	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/09/19 22:43:46.0234 2156	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/19 22:43:46.0421 2156	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/19 22:43:46.0500 2156	hitmanpro35     (72472b9ce5d02e443cff49a40355455d) C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011/09/19 22:43:46.0640 2156	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/09/19 22:43:46.0718 2156	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/09/19 22:43:46.0781 2156	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/09/19 22:43:46.0890 2156	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/19 22:43:46.0968 2156	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/19 22:43:47.0046 2156	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/19 22:43:47.0125 2156	IntelIde        (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/09/19 22:43:47.0281 2156	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/19 22:43:47.0343 2156	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/19 22:43:47.0421 2156	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/19 22:43:47.0562 2156	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/19 22:43:47.0640 2156	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/19 22:43:47.0687 2156	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/19 22:43:47.0765 2156	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/19 22:43:47.0828 2156	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/19 22:43:47.0843 2156	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/19 22:43:47.0921 2156	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/19 22:43:48.0000 2156	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/19 22:43:48.0062 2156	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/19 22:43:48.0234 2156	LVUSBSta        (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
2011/09/19 22:43:48.0281 2156	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/19 22:43:48.0390 2156	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/19 22:43:48.0437 2156	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/19 22:43:48.0531 2156	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/19 22:43:48.0593 2156	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/19 22:43:48.0625 2156	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/19 22:43:48.0703 2156	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/19 22:43:48.0765 2156	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/19 22:43:48.0812 2156	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/19 22:43:48.0875 2156	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/19 22:43:48.0937 2156	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/19 22:43:48.0984 2156	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/19 22:43:49.0031 2156	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/19 22:43:49.0125 2156	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/19 22:43:49.0156 2156	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/19 22:43:49.0328 2156	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/19 22:43:49.0390 2156	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/19 22:43:49.0484 2156	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
2011/09/19 22:43:49.0531 2156	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
2011/09/19 22:43:49.0609 2156	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
2011/09/19 22:43:49.0718 2156	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/19 22:43:49.0812 2156	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
2011/09/19 22:43:49.0843 2156	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
2011/09/19 22:43:49.0937 2156	Netdevio        (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS
etdevio.sys
2011/09/19 22:43:50.0109 2156	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS
ic1394.sys
2011/09/19 22:43:50.0156 2156	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/09/19 22:43:50.0234 2156	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/09/19 22:43:50.0296 2156	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/19 22:43:50.0343 2156	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/19 22:43:50.0421 2156	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/19 22:43:50.0500 2156	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
2011/09/19 22:43:50.0562 2156	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
2011/09/19 22:43:50.0625 2156	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/19 22:43:50.0687 2156	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
2011/09/19 22:43:50.0750 2156	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/19 22:43:50.0812 2156	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/19 22:43:50.0875 2156	pavboot         (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
2011/09/19 22:43:50.0906 2156	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/09/19 22:43:51.0046 2156	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/19 22:43:51.0140 2156	PCIIde          (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/19 22:43:51.0171 2156	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/09/19 22:43:51.0312 2156	pepifilter      (2a3efd6c3f116675d149da5e36a010a4) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/09/19 22:43:51.0500 2156	PID_08A0        (cebefeae6156f4fee41f56be89ea9c96) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
2011/09/19 22:43:51.0593 2156	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
2011/09/19 22:43:51.0671 2156	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/19 22:43:51.0734 2156	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/19 22:43:51.0812 2156	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/19 22:43:51.0921 2156	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
2011/09/19 22:43:52.0000 2156	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
2011/09/19 22:43:52.0046 2156	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
2011/09/19 22:43:52.0171 2156	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
2011/09/19 22:43:52.0250 2156	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
2011/09/19 22:43:52.0281 2156	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/19 22:43:52.0406 2156	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/19 22:43:52.0500 2156	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
2011/09/19 22:43:52.0593 2156	RTL8023xp       (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/09/19 22:43:52.0656 2156	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/19 22:43:52.0718 2156	sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/09/19 22:43:52.0781 2156	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/19 22:43:52.0859 2156	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
2011/09/19 22:43:52.0953 2156	SerTVOutCtlr    (c996c839a3261cab5409c61e5702b620) C:\WINDOWS\system32\drivers\EPIOMngr.sys
2011/09/19 22:43:53.0046 2156	sffdisk         (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/09/19 22:43:53.0171 2156	sffp_sd         (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/09/19 22:43:53.0234 2156	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/09/19 22:43:53.0343 2156	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/19 22:43:53.0453 2156	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/19 22:43:53.0578 2156	sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/19 22:43:53.0578 2156	Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/09/19 22:43:53.0593 2156	sptd - detected LockedFile.Multi.Generic (1)
2011/09/19 22:43:53.0625 2156	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/19 22:43:53.0703 2156	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/19 22:43:53.0765 2156	SrvcEKIOMngr    (3b01a9316255cdd17f9c8e79aa573406) C:\WINDOWS\system32\Drivers\EKIoMngr.sys
2011/09/19 22:43:53.0828 2156	SrvcSSIOMngr    (79b7af340d55861df1d69e7bac975fcc) C:\WINDOWS\system32\Drivers\SSIoMngr.sys
2011/09/19 22:43:53.0921 2156	sscdbhk5        (1cbd1b58a32de97899f5290b05f856db) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/09/19 22:43:53.0984 2156	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/09/19 22:43:54.0125 2156	ssrtln          (7fb07ac152d7a87e66204860002bd9a4) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/09/19 22:43:54.0187 2156	StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
2011/09/19 22:43:54.0406 2156	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/19 22:43:54.0468 2156	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/19 22:43:54.0562 2156	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/19 22:43:54.0703 2156	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/19 22:43:54.0828 2156	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
2011/09/19 22:43:54.0906 2156	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/19 22:43:54.0968 2156	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/19 22:43:55.0093 2156	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
2011/09/19 22:43:55.0187 2156	tfsnboio        (2da3ca4022abb0802de7eeda574e78d6) C:\WINDOWS\system32\dla	fsnboio.sys
2011/09/19 22:43:55.0281 2156	tfsncofs        (c8d6928759b77701c21dc90ad61197f2) C:\WINDOWS\system32\dla	fsncofs.sys
2011/09/19 22:43:55.0343 2156	tfsndrct        (bacdef5510fa643683cddca418e49446) C:\WINDOWS\system32\dla	fsndrct.sys
2011/09/19 22:43:55.0406 2156	tfsndres        (9cf2b32430c9bbd43ef1c3cae80940d3) C:\WINDOWS\system32\dla	fsndres.sys
2011/09/19 22:43:55.0468 2156	tfsnifs         (6aef3ec0b64689536891a9b96e9d7b82) C:\WINDOWS\system32\dla	fsnifs.sys
2011/09/19 22:43:55.0531 2156	tfsnopio        (7239873a72dd456f6e74e6987cdb9687) C:\WINDOWS\system32\dla	fsnopio.sys
2011/09/19 22:43:55.0593 2156	tfsnpool        (b78631e3593ddd76a4a8ba7cb8e32302) C:\WINDOWS\system32\dla	fsnpool.sys
2011/09/19 22:43:55.0671 2156	tfsnudf         (9e8b4abb93e5784fc4e5d3202566cc7a) C:\WINDOWS\system32\dla	fsnudf.sys
2011/09/19 22:43:55.0718 2156	tfsnudfa        (056fa0a11ba4cd688e1e40e48ffee921) C:\WINDOWS\system32\dla	fsnudfa.sys
2011/09/19 22:43:55.0906 2156	tosporte        (e46fb54be8a2a395fe96633b838baafe) C:\WINDOWS\system32\DRIVERS	osporte.sys
2011/09/19 22:43:55.0984 2156	Tosrfbd         (81546df5dea8abf2c8864d6d1f724b35) C:\WINDOWS\system32\Drivers	osrfbd.sys
2011/09/19 22:43:56.0046 2156	Tosrfbnp        (fe200eece7521061cdad658c6ee4f341) C:\WINDOWS\system32\Drivers	osrfbnp.sys
2011/09/19 22:43:56.0093 2156	Tosrfcom        (d185be751021bcf1e5d58566d408314a) C:\WINDOWS\system32\Drivers	osrfcom.sys
2011/09/19 22:43:56.0156 2156	tosrfec         (28c252f4311244a07b6dafc1fa0a2b0e) C:\WINDOWS\system32\DRIVERS	osrfec.sys
2011/09/19 22:43:56.0218 2156	Tosrfhid        (341612b9758054e5965bcd6ae111b8f9) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
2011/09/19 22:43:56.0296 2156	tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS	osrfnds.sys
2011/09/19 22:43:56.0375 2156	Tosrfusb        (ddb8a339e57d514768f45d33b11bdb50) C:\WINDOWS\system32\Drivers	osrfusb.sys
2011/09/19 22:43:56.0453 2156	TPwSav          (542dd0c0d8a1aa428a8c8d1517edb679) C:\WINDOWS\system32\Drivers\TPwSav.sys
2011/09/19 22:43:56.0562 2156	Tvs             (7bc87d123f504d161693f672cfe99ec4) C:\WINDOWS\system32\DRIVERS\Tvs.sys
2011/09/19 22:43:56.0656 2156	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/19 22:43:56.0859 2156	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/19 22:43:56.0953 2156	upperdev        (ec01da44b090d2651fc032c8b9257232) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/09/19 22:43:57.0046 2156	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/09/19 22:43:57.0109 2156	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/19 22:43:57.0171 2156	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/19 22:43:57.0250 2156	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/19 22:43:57.0343 2156	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/19 22:43:57.0421 2156	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/19 22:43:57.0500 2156	usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
2011/09/19 22:43:57.0546 2156	UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/09/19 22:43:57.0609 2156	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/19 22:43:57.0703 2156	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/19 22:43:57.0750 2156	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/19 22:43:57.0843 2156	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/19 22:43:58.0046 2156	w29n51          (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
2011/09/19 22:43:58.0218 2156	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/19 22:43:58.0312 2156	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/09/19 22:43:58.0453 2156	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/19 22:43:58.0640 2156	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/09/19 22:43:58.0734 2156	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/19 22:43:58.0828 2156	WudfPf          (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/19 22:43:58.0875 2156	WudfRd          (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/19 22:43:58.0968 2156	MBR (0x1B8)     (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
2011/09/19 22:43:59.0109 2156	MBR (0x1B8)     (e76625bdf2a1cd3f8abb3a60ce6e99db) \Device\Harddisk1\DR6
2011/09/19 22:44:01.0015 2156	Boot (0x1200)   (8b3e14b8b9325f0c37b7b97b70755dcc) \Device\Harddisk0\DR0\Partition0
2011/09/19 22:44:01.0015 2156	================================================================================
2011/09/19 22:44:01.0015 2156	Scan finished
2011/09/19 22:44:01.0015 2156	================================================================================
2011/09/19 22:44:01.0031 0924	Detected object count: 1
2011/09/19 22:44:01.0031 0924	Actual detected object count: 1
2011/09/19 22:44:43.0390 0924	LockedFile.Multi.Generic(sptd) - User select action: Skip 
2011/09/19 22:45:18.0078 0272	================================================================================
2011/09/19 22:45:18.0078 0272	Scan started
2011/09/19 22:45:18.0078 0272	Mode: Manual; 
2011/09/19 22:45:18.0078 0272	================================================================================
2011/09/19 22:45:18.0421 0272	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/19 22:45:18.0484 0272	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/19 22:45:18.0546 0272	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/19 22:45:18.0625 0272	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/19 22:45:18.0734 0272	AgereSoftModem  (029e01cb2938bec5af31bf47b6af0159) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/09/19 22:45:18.0921 0272	ALCXWDM         (95aa37bec6c72c277c2caeaee736dd2d) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/09/19 22:45:19.0046 0272	ApfiltrService  (3ed81e8b4709d13e5a38db2d8e792b28) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
2011/09/19 22:45:19.0156 0272	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/19 22:45:19.0281 0272	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/19 22:45:19.0312 0272	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/19 22:45:19.0437 0272	ati2mtag        (2fbdfec8cd60cec3d55e615865333033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/19 22:45:19.0468 0272	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/19 22:45:19.0546 0272	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/19 22:45:19.0656 0272	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/09/19 22:45:19.0718 0272	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/09/19 22:45:19.0750 0272	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/09/19 22:45:19.0812 0272	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/19 22:45:19.0859 0272	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/19 22:45:19.0906 0272	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/19 22:45:19.0984 0272	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/19 22:45:20.0000 0272	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/19 22:45:20.0031 0272	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/19 22:45:20.0093 0272	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/19 22:45:20.0140 0272	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/19 22:45:20.0359 0272	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/19 22:45:20.0437 0272	dmboot          (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/19 22:45:20.0484 0272	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/19 22:45:20.0531 0272	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/19 22:45:20.0578 0272	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/19 22:45:20.0640 0272	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/19 22:45:20.0703 0272	drvmcdb         (f41619ae216b51d68dda163805eefaa9) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/09/19 22:45:20.0750 0272	drvnddm         (2ff629c1c443e25d0149b9dfb77e43a8) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/09/19 22:45:20.0812 0272	EMSCR           (d3d0ef132eb8f7351e0f6e8072e26331) C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
2011/09/19 22:45:20.0843 0272	ESDCR           (fcf25b9eb1876dbb3efe13baf37b7bf8) C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
2011/09/19 22:45:20.0859 0272	ESMCR           (7cec9e3a81142ea0294f2abba0b0a846) C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
2011/09/19 22:45:20.0906 0272	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/19 22:45:20.0937 0272	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/19 22:45:20.0984 0272	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/19 22:45:21.0000 0272	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/19 22:45:21.0031 0272	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/19 22:45:21.0093 0272	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/19 22:45:21.0218 0272	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/19 22:45:21.0234 0272	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/09/19 22:45:21.0281 0272	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/19 22:45:21.0343 0272	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/19 22:45:21.0406 0272	hitmanpro35     (72472b9ce5d02e443cff49a40355455d) C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011/09/19 22:45:21.0484 0272	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/09/19 22:45:21.0531 0272	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/09/19 22:45:21.0562 0272	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/09/19 22:45:21.0625 0272	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/19 22:45:21.0703 0272	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/19 22:45:21.0734 0272	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/19 22:45:21.0796 0272	IntelIde        (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/09/19 22:45:21.0859 0272	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/19 22:45:21.0890 0272	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/19 22:45:21.0937 0272	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/19 22:45:21.0953 0272	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/19 22:45:22.0000 0272	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/19 22:45:22.0031 0272	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/19 22:45:22.0078 0272	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/19 22:45:22.0109 0272	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/19 22:45:22.0125 0272	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/19 22:45:22.0187 0272	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/19 22:45:22.0234 0272	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/19 22:45:22.0328 0272	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/19 22:45:22.0406 0272	LVUSBSta        (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
2011/09/19 22:45:22.0468 0272	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/19 22:45:22.0484 0272	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/19 22:45:22.0500 0272	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/19 22:45:22.0562 0272	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/19 22:45:22.0609 0272	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/19 22:45:22.0671 0272	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/19 22:45:22.0734 0272	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/19 22:45:22.0781 0272	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/19 22:45:22.0812 0272	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/19 22:45:22.0859 0272	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/19 22:45:22.0906 0272	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/19 22:45:22.0953 0272	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/19 22:45:22.0984 0272	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/19 22:45:23.0031 0272	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/19 22:45:23.0078 0272	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/19 22:45:23.0125 0272	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/19 22:45:23.0187 0272	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/19 22:45:23.0250 0272	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
2011/09/19 22:45:23.0328 0272	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
2011/09/19 22:45:23.0375 0272	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
2011/09/19 22:45:23.0453 0272	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/19 22:45:23.0484 0272	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
2011/09/19 22:45:23.0515 0272	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
2011/09/19 22:45:23.0593 0272	Netdevio        (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS
etdevio.sys
2011/09/19 22:45:23.0625 0272	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS
ic1394.sys
2011/09/19 22:45:23.0687 0272	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/09/19 22:45:23.0718 0272	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/09/19 22:45:23.0750 0272	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/19 22:45:23.0796 0272	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/19 22:45:23.0875 0272	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/19 22:45:23.0937 0272	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
2011/09/19 22:45:23.0984 0272	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
2011/09/19 22:45:24.0031 0272	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/19 22:45:24.0093 0272	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
2011/09/19 22:45:24.0125 0272	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/19 22:45:24.0171 0272	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/19 22:45:24.0250 0272	pavboot         (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
2011/09/19 22:45:24.0328 0272	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/09/19 22:45:24.0359 0272	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/19 22:45:24.0437 0272	PCIIde          (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/19 22:45:24.0484 0272	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/09/19 22:45:24.0609 0272	pepifilter      (2a3efd6c3f116675d149da5e36a010a4) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/09/19 22:45:24.0765 0272	PID_08A0        (cebefeae6156f4fee41f56be89ea9c96) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
2011/09/19 22:45:24.0812 0272	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
2011/09/19 22:45:24.0843 0272	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/19 22:45:24.0906 0272	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/19 22:45:24.0953 0272	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/19 22:45:25.0078 0272	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
2011/09/19 22:45:25.0125 0272	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
2011/09/19 22:45:25.0156 0272	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
2011/09/19 22:45:25.0171 0272	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
2011/09/19 22:45:25.0218 0272	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
2011/09/19 22:45:25.0250 0272	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/19 22:45:25.0328 0272	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/19 22:45:25.0406 0272	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
2011/09/19 22:45:25.0500 0272	RTL8023xp       (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/09/19 22:45:25.0578 0272	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/19 22:45:25.0609 0272	sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/09/19 22:45:25.0656 0272	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/19 22:45:25.0718 0272	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
2011/09/19 22:45:25.0765 0272	SerTVOutCtlr    (c996c839a3261cab5409c61e5702b620) C:\WINDOWS\system32\drivers\EPIOMngr.sys
2011/09/19 22:45:25.0828 0272	sffdisk         (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/09/19 22:45:25.0875 0272	sffp_sd         (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/09/19 22:45:25.0906 0272	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/09/19 22:45:25.0984 0272	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/19 22:45:26.0046 0272	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/19 22:45:26.0156 0272	sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/19 22:45:26.0156 0272	Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/09/19 22:45:26.0156 0272	sptd - detected LockedFile.Multi.Generic (1)
2011/09/19 22:45:26.0187 0272	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/19 22:45:26.0281 0272	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/19 22:45:26.0312 0272	SrvcEKIOMngr    (3b01a9316255cdd17f9c8e79aa573406) C:\WINDOWS\system32\Drivers\EKIoMngr.sys
2011/09/19 22:45:26.0375 0272	SrvcSSIOMngr    (79b7af340d55861df1d69e7bac975fcc) C:\WINDOWS\system32\Drivers\SSIoMngr.sys
2011/09/19 22:45:26.0437 0272	sscdbhk5        (1cbd1b58a32de97899f5290b05f856db) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/09/19 22:45:26.0515 0272	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/09/19 22:45:26.0562 0272	ssrtln          (7fb07ac152d7a87e66204860002bd9a4) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/09/19 22:45:26.0609 0272	StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
2011/09/19 22:45:26.0765 0272	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/19 22:45:26.0828 0272	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/19 22:45:26.0859 0272	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/19 22:45:27.0000 0272	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/19 22:45:27.0093 0272	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
2011/09/19 22:45:27.0140 0272	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/19 22:45:27.0187 0272	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/19 22:45:27.0218 0272	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
2011/09/19 22:45:27.0250 0272	tfsnboio        (2da3ca4022abb0802de7eeda574e78d6) C:\WINDOWS\system32\dla	fsnboio.sys
2011/09/19 22:45:27.0281 0272	tfsncofs        (c8d6928759b77701c21dc90ad61197f2) C:\WINDOWS\system32\dla	fsncofs.sys
2011/09/19 22:45:27.0312 0272	tfsndrct        (bacdef5510fa643683cddca418e49446) C:\WINDOWS\system32\dla	fsndrct.sys
2011/09/19 22:45:27.0343 0272	tfsndres        (9cf2b32430c9bbd43ef1c3cae80940d3) C:\WINDOWS\system32\dla	fsndres.sys
2011/09/19 22:45:27.0359 0272	tfsnifs         (6aef3ec0b64689536891a9b96e9d7b82) C:\WINDOWS\system32\dla	fsnifs.sys
2011/09/19 22:45:27.0484 0272	tfsnopio        (7239873a72dd456f6e74e6987cdb9687) C:\WINDOWS\system32\dla	fsnopio.sys
2011/09/19 22:45:27.0531 0272	tfsnpool        (b78631e3593ddd76a4a8ba7cb8e32302) C:\WINDOWS\system32\dla	fsnpool.sys
2011/09/19 22:45:27.0578 0272	tfsnudf         (9e8b4abb93e5784fc4e5d3202566cc7a) C:\WINDOWS\system32\dla	fsnudf.sys
2011/09/19 22:45:27.0593 0272	tfsnudfa        (056fa0a11ba4cd688e1e40e48ffee921) C:\WINDOWS\system32\dla	fsnudfa.sys
2011/09/19 22:45:27.0687 0272	tosporte        (e46fb54be8a2a395fe96633b838baafe) C:\WINDOWS\system32\DRIVERS	osporte.sys
2011/09/19 22:45:27.0734 0272	Tosrfbd         (81546df5dea8abf2c8864d6d1f724b35) C:\WINDOWS\system32\Drivers	osrfbd.sys
2011/09/19 22:45:27.0765 0272	Tosrfbnp        (fe200eece7521061cdad658c6ee4f341) C:\WINDOWS\system32\Drivers	osrfbnp.sys
2011/09/19 22:45:27.0812 0272	Tosrfcom        (d185be751021bcf1e5d58566d408314a) C:\WINDOWS\system32\Drivers	osrfcom.sys
2011/09/19 22:45:27.0859 0272	tosrfec         (28c252f4311244a07b6dafc1fa0a2b0e) C:\WINDOWS\system32\DRIVERS	osrfec.sys
2011/09/19 22:45:27.0890 0272	Tosrfhid        (341612b9758054e5965bcd6ae111b8f9) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
2011/09/19 22:45:27.0921 0272	tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS	osrfnds.sys
2011/09/19 22:45:27.0953 0272	Tosrfusb        (ddb8a339e57d514768f45d33b11bdb50) C:\WINDOWS\system32\Drivers	osrfusb.sys
2011/09/19 22:45:28.0000 0272	TPwSav          (542dd0c0d8a1aa428a8c8d1517edb679) C:\WINDOWS\system32\Drivers\TPwSav.sys
2011/09/19 22:45:28.0062 0272	Tvs             (7bc87d123f504d161693f672cfe99ec4) C:\WINDOWS\system32\DRIVERS\Tvs.sys
2011/09/19 22:45:28.0125 0272	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/19 22:45:28.0234 0272	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/19 22:45:28.0296 0272	upperdev        (ec01da44b090d2651fc032c8b9257232) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/09/19 22:45:28.0375 0272	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/09/19 22:45:28.0453 0272	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/19 22:45:28.0500 0272	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/19 22:45:28.0531 0272	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/19 22:45:28.0593 0272	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/19 22:45:28.0625 0272	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/19 22:45:28.0671 0272	usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
2011/09/19 22:45:28.0687 0272	UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/09/19 22:45:28.0734 0272	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/19 22:45:28.0765 0272	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/19 22:45:28.0781 0272	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/19 22:45:28.0828 0272	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/19 22:45:29.0046 0272	w29n51          (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
2011/09/19 22:45:29.0156 0272	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/19 22:45:29.0234 0272	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/09/19 22:45:29.0375 0272	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/19 22:45:29.0500 0272	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/09/19 22:45:29.0562 0272	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/19 22:45:29.0640 0272	WudfPf          (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/19 22:45:29.0671 0272	WudfRd          (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/19 22:45:29.0765 0272	MBR (0x1B8)     (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
2011/09/19 22:45:29.0906 0272	MBR (0x1B8)     (e76625bdf2a1cd3f8abb3a60ce6e99db) \Device\Harddisk1\DR6
2011/09/19 22:45:31.0796 0272	Boot (0x1200)   (8b3e14b8b9325f0c37b7b97b70755dcc) \Device\Harddisk0\DR0\Partition0
2011/09/19 22:45:31.0812 0272	================================================================================
2011/09/19 22:45:31.0812 0272	Scan finished
2011/09/19 22:45:31.0812 0272	================================================================================
2011/09/19 22:45:31.0812 3520	Detected object count: 1
2011/09/19 22:45:31.0812 3520	Actual detected object count: 1
2011/09/19 22:45:37.0281 3520	LockedFile.Multi.Generic(sptd) - User select action: Skip

jlpjlp · Answer

repasse tdsskiller et supprime ce qui est trouvé et colle le rapport obtenu


puis colle un rapport avec dr web cureit

https://www.commentcamarche.net/telecharger/securite/7749-dr-web-cureit/

flo4242 · Answer

Voila,
alors, j'ai repassé tdsskiller et supprimé ce qui n'allait pas!
J'ai ensuite repassé tdsskiller et il détecte plus rien!

Ensuite, j'ai fait Web Cureit et lui m'a trouvé des programmes infectés que j'ai fait supprimer!
J'en l'ai repassé une autre fois et là il ne me trouve plus rien SAUF QUE maintenant quand j'allume l'ordi, j'ai un message de Daemond Tools Lite : "Ce programme nécessite au moins Windows 2000 avec SPTD 1,60 ou plus récent. Le débugger Kernel doit être désactivé".

Pour les rapports:

-2011/09/20 12:39:20.0062 1472	TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/20 12:39:20.0109 1472	================================================================================
2011/09/20 12:39:20.0109 1472	SystemInfo:
2011/09/20 12:39:20.0109 1472	
2011/09/20 12:39:20.0109 1472	OS Version: 5.1.2600 ServicePack: 3.0
2011/09/20 12:39:20.0109 1472	Product type: Workstation
2011/09/20 12:39:20.0109 1472	ComputerName: PC-PORTABLE-FLO
2011/09/20 12:39:20.0109 1472	UserName: Florent
2011/09/20 12:39:20.0109 1472	Windows directory: C:\WINDOWS
2011/09/20 12:39:20.0109 1472	System windows directory: C:\WINDOWS
2011/09/20 12:39:20.0109 1472	Processor architecture: Intel x86
2011/09/20 12:39:20.0109 1472	Number of processors: 1
2011/09/20 12:39:20.0109 1472	Page size: 0x1000
2011/09/20 12:39:20.0109 1472	Boot type: Normal boot
2011/09/20 12:39:20.0109 1472	================================================================================
2011/09/20 12:39:21.0890 1472	Initialize success
2011/09/20 12:39:23.0687 3796	================================================================================
2011/09/20 12:39:23.0687 3796	Scan started
2011/09/20 12:39:23.0687 3796	Mode: Manual; 
2011/09/20 12:39:23.0687 3796	================================================================================
2011/09/20 12:39:25.0234 3796	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/20 12:39:25.0296 3796	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/20 12:39:25.0359 3796	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/20 12:39:25.0437 3796	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/20 12:39:25.0562 3796	AgereSoftModem  (029e01cb2938bec5af31bf47b6af0159) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/09/20 12:39:25.0812 3796	ALCXWDM         (95aa37bec6c72c277c2caeaee736dd2d) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/09/20 12:39:26.0000 3796	ApfiltrService  (3ed81e8b4709d13e5a38db2d8e792b28) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
2011/09/20 12:39:26.0125 3796	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/20 12:39:26.0265 3796	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/20 12:39:26.0281 3796	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/20 12:39:26.0406 3796	ati2mtag        (2fbdfec8cd60cec3d55e615865333033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/20 12:39:26.0515 3796	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/20 12:39:26.0593 3796	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/20 12:39:26.0703 3796	avgio           (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/09/20 12:39:26.0765 3796	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/09/20 12:39:26.0968 3796	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/09/20 12:39:27.0218 3796	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/20 12:39:27.0281 3796	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/20 12:39:27.0343 3796	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/20 12:39:27.0453 3796	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/20 12:39:27.0734 3796	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/20 12:39:27.0828 3796	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/20 12:39:28.0125 3796	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/20 12:39:28.0546 3796	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/20 12:39:29.0265 3796	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/20 12:39:29.0484 3796	dmboot          (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/20 12:39:29.0593 3796	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/20 12:39:29.0671 3796	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/20 12:39:29.0734 3796	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/20 12:39:29.0859 3796	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/20 12:39:29.0937 3796	drvmcdb         (f41619ae216b51d68dda163805eefaa9) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/09/20 12:39:29.0968 3796	drvnddm         (2ff629c1c443e25d0149b9dfb77e43a8) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/09/20 12:39:30.0062 3796	EMSCR           (d3d0ef132eb8f7351e0f6e8072e26331) C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
2011/09/20 12:39:30.0109 3796	ESDCR           (fcf25b9eb1876dbb3efe13baf37b7bf8) C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
2011/09/20 12:39:30.0125 3796	ESMCR           (7cec9e3a81142ea0294f2abba0b0a846) C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
2011/09/20 12:39:30.0187 3796	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/20 12:39:30.0250 3796	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/20 12:39:30.0281 3796	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/20 12:39:30.0312 3796	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/20 12:39:30.0390 3796	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/20 12:39:30.0437 3796	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/20 12:39:30.0468 3796	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/20 12:39:30.0500 3796	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/09/20 12:39:30.0546 3796	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/20 12:39:30.0703 3796	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/20 12:39:30.0765 3796	hitmanpro35     (72472b9ce5d02e443cff49a40355455d) C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011/09/20 12:39:30.0890 3796	HPZid412        (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/09/20 12:39:30.0937 3796	HPZipr12        (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/09/20 12:39:30.0953 3796	HPZius12        (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/09/20 12:39:31.0031 3796	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/20 12:39:31.0156 3796	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/20 12:39:31.0187 3796	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/20 12:39:31.0265 3796	IntelIde        (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/09/20 12:39:31.0281 3796	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/20 12:39:31.0328 3796	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/20 12:39:31.0375 3796	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/20 12:39:31.0406 3796	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/20 12:39:31.0453 3796	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/20 12:39:31.0500 3796	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/20 12:39:31.0562 3796	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/20 12:39:31.0609 3796	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/20 12:39:31.0640 3796	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/20 12:39:31.0781 3796	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/20 12:39:31.0843 3796	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/20 12:39:31.0890 3796	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/20 12:39:32.0015 3796	LVUSBSta        (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
2011/09/20 12:39:32.0062 3796	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/20 12:39:32.0093 3796	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/20 12:39:32.0125 3796	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/20 12:39:32.0171 3796	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/20 12:39:32.0187 3796	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/20 12:39:32.0250 3796	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/20 12:39:32.0328 3796	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/20 12:39:32.0375 3796	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/20 12:39:32.0437 3796	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/20 12:39:32.0468 3796	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/20 12:39:32.0515 3796	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/20 12:39:32.0546 3796	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/20 12:39:32.0593 3796	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/20 12:39:32.0656 3796	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/20 12:39:32.0687 3796	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/20 12:39:32.0750 3796	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/20 12:39:32.0812 3796	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/20 12:39:32.0906 3796	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
2011/09/20 12:39:32.0953 3796	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
2011/09/20 12:39:32.0984 3796	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
2011/09/20 12:39:33.0078 3796	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/20 12:39:33.0140 3796	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
2011/09/20 12:39:33.0171 3796	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
2011/09/20 12:39:33.0265 3796	Netdevio        (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS
etdevio.sys
2011/09/20 12:39:33.0328 3796	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS
ic1394.sys
2011/09/20 12:39:33.0406 3796	nmwcd           (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/09/20 12:39:33.0437 3796	nmwcdc          (8f2a94f991f8c73cec26b4b5620d1edc) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/09/20 12:39:33.0500 3796	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/20 12:39:33.0562 3796	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/20 12:39:33.0656 3796	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/20 12:39:33.0703 3796	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
2011/09/20 12:39:33.0750 3796	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
2011/09/20 12:39:33.0796 3796	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/20 12:39:33.0843 3796	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
2011/09/20 12:39:33.0937 3796	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/20 12:39:33.0984 3796	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/20 12:39:34.0031 3796	pavboot         (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
2011/09/20 12:39:34.0078 3796	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/09/20 12:39:34.0140 3796	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/20 12:39:34.0218 3796	PCIIde          (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/20 12:39:34.0250 3796	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/09/20 12:39:34.0390 3796	pepifilter      (2a3efd6c3f116675d149da5e36a010a4) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/09/20 12:39:34.0562 3796	PID_08A0        (cebefeae6156f4fee41f56be89ea9c96) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
2011/09/20 12:39:34.0671 3796	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
2011/09/20 12:39:34.0718 3796	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/20 12:39:34.0921 3796	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/20 12:39:34.0953 3796	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/20 12:39:35.0093 3796	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
2011/09/20 12:39:35.0140 3796	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
2011/09/20 12:39:35.0171 3796	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
2011/09/20 12:39:35.0187 3796	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
2011/09/20 12:39:35.0234 3796	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
2011/09/20 12:39:35.0359 3796	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/20 12:39:35.0421 3796	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/20 12:39:35.0484 3796	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
2011/09/20 12:39:35.0578 3796	RTL8023xp       (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
2011/09/20 12:39:35.0656 3796	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/20 12:39:35.0734 3796	sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/09/20 12:39:35.0781 3796	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/20 12:39:35.0843 3796	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
2011/09/20 12:39:35.0890 3796	SerTVOutCtlr    (c996c839a3261cab5409c61e5702b620) C:\WINDOWS\system32\drivers\EPIOMngr.sys
2011/09/20 12:39:35.0984 3796	sffdisk         (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/09/20 12:39:36.0046 3796	sffp_sd         (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/09/20 12:39:36.0078 3796	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/09/20 12:39:36.0171 3796	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/20 12:39:36.0250 3796	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/20 12:39:36.0343 3796	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/20 12:39:36.0421 3796	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/20 12:39:36.0468 3796	SrvcEKIOMngr    (3b01a9316255cdd17f9c8e79aa573406) C:\WINDOWS\system32\Drivers\EKIoMngr.sys
2011/09/20 12:39:36.0515 3796	SrvcSSIOMngr    (79b7af340d55861df1d69e7bac975fcc) C:\WINDOWS\system32\Drivers\SSIoMngr.sys
2011/09/20 12:39:36.0593 3796	sscdbhk5        (1cbd1b58a32de97899f5290b05f856db) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/09/20 12:39:36.0718 3796	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/09/20 12:39:36.0765 3796	ssrtln          (7fb07ac152d7a87e66204860002bd9a4) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/09/20 12:39:36.0859 3796	StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
2011/09/20 12:39:37.0031 3796	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/20 12:39:37.0078 3796	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/20 12:39:37.0109 3796	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/20 12:39:37.0265 3796	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/20 12:39:37.0359 3796	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
2011/09/20 12:39:37.0437 3796	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/20 12:39:37.0484 3796	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/20 12:39:37.0531 3796	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
2011/09/20 12:39:37.0578 3796	tfsnboio        (2da3ca4022abb0802de7eeda574e78d6) C:\WINDOWS\system32\dla	fsnboio.sys
2011/09/20 12:39:37.0640 3796	tfsncofs        (c8d6928759b77701c21dc90ad61197f2) C:\WINDOWS\system32\dla	fsncofs.sys
2011/09/20 12:39:37.0687 3796	tfsndrct        (bacdef5510fa643683cddca418e49446) C:\WINDOWS\system32\dla	fsndrct.sys
2011/09/20 12:39:37.0718 3796	tfsndres        (9cf2b32430c9bbd43ef1c3cae80940d3) C:\WINDOWS\system32\dla	fsndres.sys
2011/09/20 12:39:37.0750 3796	tfsnifs         (6aef3ec0b64689536891a9b96e9d7b82) C:\WINDOWS\system32\dla	fsnifs.sys
2011/09/20 12:39:37.0828 3796	tfsnopio        (7239873a72dd456f6e74e6987cdb9687) C:\WINDOWS\system32\dla	fsnopio.sys
2011/09/20 12:39:37.0875 3796	tfsnpool        (b78631e3593ddd76a4a8ba7cb8e32302) C:\WINDOWS\system32\dla	fsnpool.sys
2011/09/20 12:39:37.0906 3796	tfsnudf         (9e8b4abb93e5784fc4e5d3202566cc7a) C:\WINDOWS\system32\dla	fsnudf.sys
2011/09/20 12:39:37.0937 3796	tfsnudfa        (056fa0a11ba4cd688e1e40e48ffee921) C:\WINDOWS\system32\dla	fsnudfa.sys
2011/09/20 12:39:38.0046 3796	tosporte        (e46fb54be8a2a395fe96633b838baafe) C:\WINDOWS\system32\DRIVERS	osporte.sys
2011/09/20 12:39:38.0093 3796	Tosrfbd         (81546df5dea8abf2c8864d6d1f724b35) C:\WINDOWS\system32\Drivers	osrfbd.sys
2011/09/20 12:39:38.0140 3796	Tosrfbnp        (fe200eece7521061cdad658c6ee4f341) C:\WINDOWS\system32\Drivers	osrfbnp.sys
2011/09/20 12:39:38.0187 3796	Tosrfcom        (d185be751021bcf1e5d58566d408314a) C:\WINDOWS\system32\Drivers	osrfcom.sys
2011/09/20 12:39:38.0250 3796	tosrfec         (28c252f4311244a07b6dafc1fa0a2b0e) C:\WINDOWS\system32\DRIVERS	osrfec.sys
2011/09/20 12:39:38.0281 3796	Tosrfhid        (341612b9758054e5965bcd6ae111b8f9) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
2011/09/20 12:39:38.0328 3796	tosrfnds        (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS	osrfnds.sys
2011/09/20 12:39:38.0359 3796	Tosrfusb        (ddb8a339e57d514768f45d33b11bdb50) C:\WINDOWS\system32\Drivers	osrfusb.sys
2011/09/20 12:39:38.0390 3796	TPwSav          (542dd0c0d8a1aa428a8c8d1517edb679) C:\WINDOWS\system32\Drivers\TPwSav.sys
2011/09/20 12:39:38.0453 3796	Tvs             (7bc87d123f504d161693f672cfe99ec4) C:\WINDOWS\system32\DRIVERS\Tvs.sys
2011/09/20 12:39:38.0531 3796	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/20 12:39:38.0656 3796	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/20 12:39:38.0734 3796	upperdev        (ec01da44b090d2651fc032c8b9257232) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/09/20 12:39:38.0812 3796	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/09/20 12:39:38.0875 3796	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/20 12:39:38.0937 3796	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/20 12:39:38.0968 3796	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/20 12:39:39.0031 3796	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/20 12:39:39.0109 3796	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/20 12:39:39.0171 3796	usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
2011/09/20 12:39:39.0203 3796	UsbserFilt      (4abd37cfbd710e64f01f9da8710c73f7) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/09/20 12:39:39.0250 3796	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/20 12:39:39.0281 3796	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/20 12:39:39.0312 3796	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/20 12:39:39.0375 3796	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/20 12:39:39.0609 3796	w29n51          (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
2011/09/20 12:39:39.0796 3796	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/20 12:39:39.0859 3796	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/09/20 12:39:39.0953 3796	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/20 12:39:40.0062 3796	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/09/20 12:39:40.0140 3796	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/20 12:39:40.0218 3796	WudfPf          (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/20 12:39:40.0250 3796	WudfRd          (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/20 12:39:40.0343 3796	MBR (0x1B8)     (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
2011/09/20 12:39:40.0500 3796	Boot (0x1200)   (8b3e14b8b9325f0c37b7b97b70755dcc) \Device\Harddisk0\DR0\Partition0
2011/09/20 12:39:40.0500 3796	================================================================================
2011/09/20 12:39:40.0500 3796	Scan finished
2011/09/20 12:39:40.0500 3796	================================================================================
2011/09/20 12:39:40.0515 3904	Detected object count: 0
2011/09/20 12:39:40.0515 3904	Actual detected object count: 0


-attr.dat	C:\ComboFix	Probablement SCRIPT.Virus	Irréparable.Supprimé.
 List-C.bat  C:\ComboFix	Probablement BATCH.Virus  Irréparable.Supprimé.

jlpjlp · Answer

branche tes supports externes et colle un rapport de recherche avec usbfix 

http://www.commentcamarche.net/download/telecharger-34079838-usbfix

flo4242 · Answer

Alors dsl mais je n'arrivais pas a poster de messages...
Voila ce que tu m'as demandé:
############################## | UsbFix 7.036 | [Recherche]

Utilisateur: Florent (Administrateur) # PC-PORTABLE-FLO [ ]
Mis à jour le 20/12/10 par El Desaparecido / C_XX
Lancé à 17:02:17 | 23/09/2011
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU:  Intel(R) Pentium(R) M processor 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: AntiVir Desktop 10.0.1.59 [(!) Disabled | Updated]
RAM -> 1022 Mo 
C:\ (%systemdrive%) -> Disque fixe # 93 Go (9 Go libre(s) - 10%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Disque fixe # 298 Go (140 Go libre(s) - 47%) [Iomega HDD] # NTFS
F:\ -> Disque amovible # 2 Go (143 Mo libre(s) - 7%) [MARINETTE] # FAT
G:\ -> Disque amovible # 4 Go (3 Go libre(s) - 89%) [CLEF FLO] # FAT32

################## | Éléments infectieux |



################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{61eeaa90-7532-11df-b7ea-0013cec0d134}
Shell\AutoRun\Command = F:\LaunchU3.exe -a


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |


Depuis, mon antivirus m'a trouvé un virus, qu'il a soit disant supprimé et surtout, j'ai des mails qui s'envoie tout seul depuis ma boite hotmail...

jlpjlp · Answer

ok

quel virus? quels fichier infecté?


passe l'option de vaccination avec usbfix

puis


télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)


double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

flo4242 · Answer

voila les messages que j'ai eu:
- le 22/09/11 : Dans le fichier 'C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP382\A0078803.bat'
un virus ou un programme indésirable 'HEUR/HTML.Malware' [heuristic] a été détecté.
Action exécutée : Refuser l'accès

Le fichier 'C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP382\A0078803.bat'
 contenait un virus ou un programme indésirable 'HEUR/HTML.Malware' [heuristic].
Action(s) exécutée(s) :
Le résultat positif a été classé comme suspect.
Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4df1e5cf.qua' !

- le 26/09/11 : Dans le fichier 'C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP382\A0079823.bat'
un virus ou un programme indésirable 'HEUR/HTML.Malware' [heuristic] a été détecté.
Action exécutée : Refuser l'accès

Le fichier 'C:\System Volume Information\_restore{58F2378A-346C-49C9-9919-D1D804F5FDA0}\RP382\A0079823.bat'
 contenait un virus ou un programme indésirable 'HEUR/HTML.Malware' [heuristic].
Action(s) exécutée(s) :
Le résultat positif a été classé comme suspect.
Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ce744c9.qua' !

- Aujourd'hui : Dans le fichier 'C:\Documents and Settings\Florent\Local Settings\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\Cache\_CACHE_001_'
un virus ou un programme indésirable 'HTML/Infected.WebPage.Gen' [virus] a été détecté.
Action exécutée : Autoriser l'accès

Le fichier 'C:\Documents and Settings\Florent\Local Settings\Application Data\Mozilla\Firefox\Profiles\hpz0005s.default\Cache\_CACHE_001_'
 contenait un virus ou un programme indésirable 'HTML/Infected.WebPage.Gen' [virus].
Action(s) exécutée(s) :
Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4c8343a1.qua' !


Voila, pour le combo fix, j'essai ce soir!!

jlpjlp · Answer

ok les infections sont dans la quarantaine . cela s enleve facilement . on verra après combofix

Trop de processus svchost.exe

24 réponses

Discussions similaires