Gen variant kazy [Résolu]

Réponse 1 / 39

Mojito27 Messages postés 2 Date d'inscription Statut Membre Dernière intervention

Bonsoir, Tu as essayée Malwarebytes, Ad.remover, ComboFix & tout çà ...?

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

mince, j'avais pourtant répondu ce matin, je me demande ce qui s'est passé.

NON pas utilisé maleware ni adremover mais OUI combofix et usbfix avant passage à l'antivirus gdata. toutefois j'ai déjà utilisé maleware il y a un an ou deux donc il est présent me semble t-il sur mon pc.

actuellement, le clavier est normal et aucune fenêtre ne revient en arrière : cela depuis la mise en quarantaine du virus par gdata (j'avais coché supprimer si impossible désinfecter mais il l'a mis en quarantaine, c'est sans doute qu'il ne peut pas le détruire ?)

mais la fleche shif sous MAJ ne saisit plus les o, v, c, x,w et point d'interro en majuscules lorsque je maintiens shift appouyé, donc l'infection est encore présente (ou alors c'est un autre problème)

j'ai deux périphériques utilisés depuis l'infection (aucune clé usb depuis 4 semaines donc je ne les ai pas branchées) : smartphone htc tout récent, à vrai dire la veille du virus (ça n'a pas de rapport je suppose mais je le signale à tout hasard). idem pour le kindle : en fonction juste avant l'arrivée du virus, j'ai télécharhé des ebooks sur amazon, gutenberg, ebooksgratuits et delphi)

Réponse 2 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

je viens de faire un zhp dignosticn je le poste à tout hasard mais avant ça, pardon, j'ai oublié quelque chose de très important : comme mon pc réclamait le driver du téléphone htc, j'ai téléchargé bêtement driver mender et là les ennuis ont commencé quelques heures après : clavier affecté puis au fil des jours fenêtres mobiles. je l'ai supprimé sans le trouver dans les programmes installés et cela uniquement APRES le nettoyage fait par l'informaticien.

Rapport de ZHPDiag v1.28.262 par Nicolas Coolman, Update du 07/12/2011
Run by h at 10/12/2011 08:49:48
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19154
MFIE: Mozilla Firefox 8.0 v8.0 (Defaut)
GCIE: Google Chrome

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 190 GB (65%) free of 287 GB

---\\ Logged in mode
~ Computer Name: PC-DE-H
~ User Name: h
~ All Users Names: h, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\h\AppData\Roaming\
~ %Desktop% : C:\Users\h\Desktop\
~ %Favorites% : C:\Users\h\Favorites\
~ %LocalAppData% : C:\Users\h\AppData\Local\
~ %StartMenu% : C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 190 Go of 287 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 11 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)
G:\ Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.20/10/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.08/04/2009 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.08/04/2009 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.18F17E90657528C232B1944DEB4EC160] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/10/2011 - 00:06:24.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/10/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.08/04/2009 - 16:46:53.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.20/10/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.08/04/2009 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/10/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/10/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.08/04/2009 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.08/04/2009 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.16/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.20/10/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/10/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.08/04/2009 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.08/04/2009 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.08/04/2009 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.20/10/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.20/10/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/10/2009 - 07:32:55.) -- C:\Windows\system32\drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 4/2139
~ Mes musiques (My Musics) : 413/1432
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 7/248
~ Mes Documents (My Documents) : 36/1593
~ Mon Bureau (My Desktop) : 3/40
~ Menu demarrer (Programs) : 6/32
~ Scan Hidden Files in 00mn 07s

---\\ Processus lancés
[MD5.6C4878F3483B959891408B804DE4475C] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344] [PID.3520]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.3528]
[MD5.1131F49F162539DD4834C67B4E93CD89] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136] [PID.3540]
[MD5.498A9E93BCBBB3FBCEAB2ADA3B66658E] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.3560]
[MD5.B7327547A63026B54B57ED4F9E417B8B] - (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [210216] [PID.3568]
[MD5.A168271E4AC1688C162534D412F283AE] - (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224] [PID.3584]
[MD5.2C45AF6FB8AADD7959078CC1B13B1A65] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [206128] [PID.3608]
[MD5.692493B9136287C06DE23F7CE823FC40] - (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432] [PID.3644]
[MD5.DEF690463DBF4A7A24684C7CB0B6AF03] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [450663] [PID.3652]
[MD5.8DC7685764B22DB97891012026FA7ED1] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [141608] [PID.3668]
[MD5.E2724029D3648C2EB226D16678727FA9] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256] [PID.3676]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552] [PID.3744]
[MD5.4DEEE0D77498D818B486E3172053BD03] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [315478] [PID.3760]
[MD5.E2A076EF3FE8A23782D97C1450DD03D7] - (.G DATA Software AG - G DATA Personal Firewall.) -- C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe [1124936] [PID.3768]
[MD5.649667D4793ABA2B1CD933AA14278C0D] - (.G Data Software AG - G Data InternetSecurity Tray Application.) -- C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe [925768] [PID.3780]
[MD5.4A9295C9BE22739D030AB072E9A0B169] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [PID.3788]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3796]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.3816]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.3104]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.1200]
[MD5.C8649EDF4955DE896A7AED515C932B09] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.4908]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152] [PID.5148]
[MD5.F28C33D2589F7B89185F3B9445641F84] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe [628016] [PID.5532]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5696]
[MD5.A44B7EC42F4D4FA13D91F5D0F8998287] - (.G Data Software AG - G Data SecurityCenter.) -- C:\Program Files\G Data\TotalCare\GUI\GDSC.exe [1514056] [PID.5244]
[MD5.694AF8B27C9A0A99399E02CE977F986B] - (.Microsoft Corporation - Paint.) -- C:\Windows\System32\mspaint.exe [485376] [PID.4948]
[MD5.294ACD3C9C99017CE6A9DA2AB60CCCE5] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2209792] [PID.10852]
[MD5.D4762639FF9095BBBC69F4ECD4C0861B] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [729088] [PID.]
[MD5.5508A51D0B0180DE6EFBD00A47EEA608] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\STacSV.exe [237661] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]
[MD5.6D0AC28C5BD8D8495F83F5929A45E559] - (.Hewlett-Packard Corporation - HpService.) -- C:\Windows\system32\Hpservice.exe [19456] [PID.]
[MD5.B0E0C879A09BFC7CD7F792D185E4DEA5] - (.Lexmark International, Inc. - LexBce Service.) -- C:\Windows\System32\LEXBCES.EXE [300544] [PID.]
[MD5.CF0FC6B42FD4CB94BBD910FAE824FCF1] - (.Lexmark International, Inc. - LEXPPS.EXE.) -- C:\Windows\System32\LEXPPS.EXE [169984] [PID.]
[MD5.3B1B2EE9DF189F6BBB080BF393D1B2EE] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe [77824] [PID.]
[MD5.4B5AE15E5C73EB4DC8DBEC2788230D41] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.9AB5ED2F5F2A9DC947F13CF0D39843B3] - (.G Data Software AG - G Data AntiVirus Proxy Service.) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe [1054792] [PID.]
[MD5.2064FEBDA3F9031B6C416740985F3259] - (.G Data Software AG - G Data InternetSecurity Scheduler Service.) -- C:\Program Files\G Data\TotalCare\AVK\AVKService.exe [397896] [PID.]
[MD5.360E4F34D4FD87A432639A48054954EA] - (.G Data Software AG - G Data Filesystem Monitor Service.) -- C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe [1251488] [PID.]
[MD5.941E435E5A903CC60E50E72037FA39D0] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476] [PID.]
[MD5.3F56903E124E820AEECE6D471583C6C1] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [238888] [PID.]
[MD5.ABF90FC5A127F481219B873C1B8DFC1C] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.BC0A4D47472B042537F4E57B950415FA] - (.Pas de propriétaire - STServices.) -- C:\Program Files\SMINST\BLService.exe [365952] [PID.]
[MD5.805AE1F90C64758D19AAA001CF8CBA12] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734] [PID.]
[MD5.1C31169DDDC70C1605F703DA701EAEEA] - (.Pas de propriétaire - CLCapSvc Module.) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320] [PID.]
[MD5.290B8C381DBC15D3DBCBD2BDB6B0BA12] - (.Pas de propriétaire - CLSched Module.) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096] [PID.]
[MD5.6986302B57BFFC135414488FA67464F1] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [102503] [PID.]
[MD5.D31F31342349964E245EAAC1BDC5F6A6] - (.G Data Software AG - G Data AntiVirus Scan Server.) -- C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe [302152] [PID.]
[MD5.188FF0ADF66768D53AD94F43972E1E9A] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232] [PID.]
[MD5.476B1500901D17A357E3EA691087D26E] - (.G Data Software AG - G Data Persoonlijke Firewall.) -- C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe [1547104] [PID.]
[MD5.12E94E225BD7B05A2BCCD5C0B841E921] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [222512] [PID.]
[MD5.1E6F080D5EDB4C3B4C4EB787A0848DCC] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [545576] [PID.]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.]
[MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.]
~ Scan Processes Running in 00mn 05s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\u4hhb6xf.default\prefs.js
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [h] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [h - u4hhb6xf.default] https://login.yahoo.com/
M2 - MFEP: prefs.js [h - u4hhb6xf.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [h - u4hhb6xf.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.4.4.20111124104102 (.Yahoo!.)
M2 - MFEP: prefs.js [h - u4hhb6xf.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20111107 (.WOT Services Oy.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\System32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 01s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://ww12.cherche.us
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} . (.G Data Software AG - G Data WebFilter Plugin.) -- C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} . (.G Data Software AG - G Data WebFilter Plugin.) -- C:\Program Files\G Data\TotalCare\Webfilter\AVKWebIE.dll
~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Run: [TVAgent] . (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
O4 - HKLM\..\Run: [UCam_Menu] Clé orpheline
O4 - HKLM\..\Run: [SmartMenu] . (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] Clé orpheline
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [WirelessAssistant] . (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] . (.G DATA Software AG - G DATA Personal Firewall.) -- C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] . (.G Data Software AG - G Data InternetSecurity Tray Application.) -- C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
O4 - HKUS\S-1-5-21-3104449442-508549085-2972703644-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-3104449442-508549085-2972703644-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe
O4 - HKUS\S-1-5-21-3104449442-508549085-2972703644-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
~ Scan Application in 00mn 01s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\h\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe
O4 - Global Startup: C:\Users\h\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\h\Desktop\Free CD Ripper.lnk . (...) -- C:\Program Files\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe
O4 - Global Startup: C:\Users\h\Desktop\Free Mp3 Wma Converter.lnk . (.Renan Broquin.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Users\h\Desktop\Kindle.lnk . (.Amazon.com.) -- C:\Users\h\AppData\Local\Amazon\Kindle\application\Kindle.exe
O4 - Global Startup: C:\Users\h\Desktop\Microsoft Office - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\h\Desktop\Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
O4 - Global Startup: C:\Users\h\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\h\Desktop\Notepad.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\notepad.exe
O4 - Global Startup: C:\Users\h\Desktop\On-Screen Keyboard.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\osk.exe
O4 - Global Startup: C:\Users\h\Desktop\Paint.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\mspaint.exe
O4 - Global Startup: C:\Users\h\Desktop\Sound Recorder.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SoundRecorder.exe
O4 - Global Startup: C:\Users\h\Desktop\Windows Media Player (2).lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Easy Audio Cutter.lnk . (.Renan Broquin.) -- C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free CD Ripper.lnk . (...) -- C:\Program Files\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk . (.Renan Broquin.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk . (...) -- C:\Windows\Installer\{A7AC8E69-01FF-494E-9A2C-423B82CEA604}\_3D6C77F60D97007F65EA64.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Paint.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\mspaint.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sound Recorder (2).lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SoundRecorder.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Sound Recorder.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\SoundRecorder.exe
O4 - Global Startup: C:\Users\h\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player (2).lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 05s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll
~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Scan Winsock in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CB5614F-A196-4B88-A12E-F57F2E6BB4CC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C613DDF9-F2B3-4F01-9AF2-2345EB33A796}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CB5614F-A196-4B88-A12E-F57F2E6BB4CC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C613DDF9-F2B3-4F01-9AF2-2345EB33A796}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Windows\system32\skype4com.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) . (.G Data Software AG - G Data AntiVirus Proxy Service.) - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: Planificateur G Data (AVKService) . (.G Data Software AG - G Data InternetSecurity Scheduler Service.) - C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
O23 - Service: G Data Gardien (AVKWCtl) . (.G Data Software AG - G Data Filesystem Monitor Service.) - C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
O23 - Service: BlueSoleilCS (BlueSoleilCS) . (.IVT Corporation - Bluetooth Application.) - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Corporation - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: LexBce Server (LexBceS) . (.Lexmark International, Inc. - LexBce Service.) - C:\Windows\System32\LEXBCES.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Power Control [2009/05/20 03:51:39] ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
~ Scan Services in 00mn 01s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
[MD5.AE37F6508716D2DD6122744C46686BEC] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeLogonTaskS-1-5-21-3104449442-508549085-2972703644-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.B7EE47B4D960BF55BDD7EC1812373872] [APT] [RealUpgradeScheduledTaskS-1-5-21-3104449442-508549085-2972703644-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.48C6E7EE4D38798FABFBA5713FFF1244] [APT] [RNUpgradeHelperResumePrompt_h] (.RealNetworks, Inc..) -- C:\Users\h\AppData\Roaming\Real\Update\Upgradehelper\RealPlayer\9.00\rnupgagent.exe
[MD5.00000000000000000000000000000000] [APT] [Secunia PSI Logon Task] (...) -- C:\Program Files\Secunia\PSI\psi.exe (.not file.)
[MD5.7B43567B4C32AD7ADED537CD3B1342B9] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 04s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\Windows\system32\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r42.) -- C:\Windows\System32\Macromed\Flash\Flash10d.ocx
~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (gdwfpcd) . (.G DATA Software AG - G DATA WFP Callout Driver.) - C:\Windows\system32\DRIVERS\gdwfpcd32.sys
O41 - Driver: (GRD) . (.G Data Software - G Data Rootkit Detector Driver.) - C:\Windows\system32\drivers\GRD.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 01s

---\\ Logiciels installés (O42)
O42 - Logiciel: AMD USB Audio Driver Filter - (.Advanced Micro Devices, Inc..) [HKLM] -- {A3AB35FA-943E-4799-99DC-46EFD59E998F}
O42 - Logiciel: AMR to MP3 Converter 1.4 - (.www.amrtomp3converter.com.) [HKLM] -- {C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
O42 - Logiciel: Amazon Kindle - (.Amazon.) [HKCU] -- Amazon Kindle
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1
O42 - Logiciel: Bluesoleil 5.4.277.0 - (.IVT Corporation.) [HKLM] -- {25887983-54F3-4F55-A7C5-91229AD67C16}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {187817E2-6407-461C-B59B-56CE73363D34}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Free FLV Converter V 6.92.0 - (.Koyote Soft.) [HKLM] -- Free FLV Converter_is1
O42 - Logiciel: Free Mp3 Wma Converter V 1.4.0 - (.Renan Broquin.) [HKLM] -- Free Mp3 Wma Converter_is1
O42 - Logiciel: G Data TotalCare - (.G Data Software AG.) [HKLM] -- {C8D55041-A13C-4620-8DF4-9C5A9C16908D}
O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}
O42 - Logiciel: HP Common Access Service Library - (.Hewlett-Packard.) [HKLM] -- {732A3F80-008B-4350-BD58-EC5AE98707B8}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {57A5AEC1-97FC-474D-92C4-908FCC2253D4}
O42 - Logiciel: HP Help and Support - (.Hewlett-Packard Company.) [HKLM] -- {0054A0F6-00C9-4498-B821-B5C9578F433E}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM] -- {A7AC8E69-01FF-494E-9A2C-423B82CEA604}
O42 - Logiciel: HP MediaSmart TV - (.Hewlett-Packard.) [HKLM] -- InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart TV - (.Hewlett-Packard.) [HKLM] -- {67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP Quick Launch Buttons 6.40 L1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard Company.) [HKLM] -- {95A747E0-DF19-46CB-A622-20A0107201BD}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {47F36D92-E58E-456D-B73C-3382737E4C42}
O42 - Logiciel: HP User Guides 0126 - (.Hewlett-Packard.) [HKLM] -- {36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {E5E29403-3D25-40C6-892B-F9FEE2A95585}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM] -- {228C6B46-64E2-404E-898A-EF0830603EF4}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-

Réponse 3 / 39

cabrier Messages postés 5591 Date d'inscription Statut Contributeur sécurité Dernière intervention 702

salut,

Il ne reste pas grand chose !

Utilise cet outil de désinfection spécifique aux logiciels publicitaires :

* Télécharge AdwCleaner (de Xplode) sur ton Bureau.
* Lance le, clique sur Suppression puis patiente le temps du scan.
* Une fois le scan terminé, un rapport s'ouvrira : poste le dans ta prochaine réponse.

Réponse 4 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

bonjour cabrier,

# AdwCleaner v1.401 - Rapport créé le 10/12/2011 à 09:44:55
# Mis à jour le 06/12/11 à 19h par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : h - PC-DE-H (Administrateur)
# Exécuté depuis : C:\Users\h\Downloads\adwcleaner.exe
# Option [Suppression]

***** [Services] *****

***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\h\AppData\Roaming\OpenCandy
Dossier Supprimé : C:\Users\h\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
Dossier Supprimé : C:\Users\h\AppData\Local\OpenCandy

***** [Registre] *****

Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\chat-land.org

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.6001.19154

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v8.0 (fr)

Profil : u4hhb6xf.default
Fichier : C:\Users\h\AppData\Roaming\Mozilla\Firefox\Profiles\u4hhb6xf.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[S1].txt - [1237 octets] - [10/12/2011 09:44:55]

*************************

Dossier Temporaire : 4 dossier(s)et 5 fichier(s) supprimés

########## EOF - C:\AdwCleaner[S1].txt - [1456 octets] ##########

Réponse 5 / 39

cabrier Messages postés 5591 Date d'inscription Statut Contributeur sécurité Dernière intervention 702

hello cosye,

Je ne peux pas traiter plus d'un sujet à la fois (je suis une formation d'Helper !)
J'ai demandé à Malekal_morte- s'il voulait bien te prendre en charge pour la suite.
C'est un pro !

Je suis de loin ton problème.

A+

Réponse 6 / 39

juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention 4 796

Hello suite à la demande de cabrier

▶ Télécharge Reload_TDSSKiller

▶ Lance le

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis

TDSSKiller va s'ouvrir , clique sur "Start Scan" Clique ici pour l'aide en image

Si TDSS.tdl2 est détecté: l'option delete sera cochée par défaut.
Si TDSS.tdl3 est détecté: assure toi que Cure est bien cochée.
Si TDSS.tdl4(\HardDisk0\MBR) est détecté: assure toi que Cure est bien cochée.
Si Rootkit.Win32.ZAccess.* est détecté : règle sur "cure" en haut , et "delete" en bas
Si Suspicious file est indiqué, laisse l''option cochée sur Skip
une fois qu'il a terminé , redémarre s'il te le demande pour finir de nettoyer

sinon , ferme TDSSKiller et le rapport s'affichera sur le bureau

▶ Copie/Colle son contenu dans ta prochaine réponse.

Tutoriel : http://forums-fec.be/entraide/viewtopic.php?f=55&t=15

Réponse 7 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

entendu cabrier, merci.

bonsoir juju,

je viens de rentrer et j'ai découvert ton mesage + le résultat du scan que j'ai lancé : étrangement, il est toujours là le virus, et Gdata prétend qu'il l'a supprimé.

j'ai toujours des problèmes de clavier : retour en arrière par effacement des lettres à gauche du curseur ! j'ai l'imrpession d'être dans un cauchemar !

bon, j'en ai fini avec mes remarques et j'exécute les directives tout de suite.

Réponse 8 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

il n'a rien détecté si je ne me trompe pas

19:07:26.0469 0832 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
19:07:27.0561 0832 ============================================================
19:07:27.0561 0832 Current date / time: 2011/12/10 19:07:27.0561
19:07:27.0561 0832 SystemInfo:
19:07:27.0561 0832
19:07:27.0561 0832 OS Version: 6.0.6002 ServicePack: 2.0
19:07:27.0561 0832 Product type: Workstation
19:07:27.0577 0832 ComputerName: PC-DE-H
19:07:27.0577 0832 UserName: h
19:07:27.0577 0832 Windows directory: C:\Windows
19:07:27.0577 0832 System windows directory: C:\Windows
19:07:27.0577 0832 Processor architecture: Intel x86
19:07:27.0577 0832 Number of processors: 2
19:07:27.0577 0832 Page size: 0x1000
19:07:27.0577 0832 Boot type: Normal boot
19:07:27.0577 0832 ============================================================
19:07:29.0184 0832 Initialize success
19:07:32.0023 5716 ============================================================
19:07:32.0023 5716 Scan started
19:07:32.0023 5716 Mode: Manual;
19:07:32.0023 5716 ============================================================
19:07:33.0302 5716 Accelerometer (3b10711ad8656c097e0d16a41b29c54c) C:\Windows\system32\DRIVERS\Accelerometer.sys
19:07:33.0302 5716 Accelerometer - ok
19:07:33.0365 5716 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
19:07:33.0365 5716 ACPI - ok
19:07:33.0443 5716 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
19:07:33.0443 5716 adp94xx - ok
19:07:33.0489 5716 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
19:07:33.0489 5716 adpahci - ok
19:07:33.0552 5716 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
19:07:33.0552 5716 adpu160m - ok
19:07:33.0567 5716 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
19:07:33.0567 5716 adpu320 - ok
19:07:33.0692 5716 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
19:07:33.0692 5716 AFD - ok
19:07:33.0770 5716 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
19:07:33.0770 5716 agp440 - ok
19:07:33.0801 5716 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:07:33.0817 5716 aic78xx - ok
19:07:33.0833 5716 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys
19:07:33.0833 5716 aliide - ok
19:07:33.0864 5716 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
19:07:33.0864 5716 amdagp - ok
19:07:33.0879 5716 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys
19:07:33.0895 5716 amdide - ok
19:07:33.0911 5716 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
19:07:33.0911 5716 AmdK7 - ok
19:07:33.0942 5716 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
19:07:33.0942 5716 AmdK8 - ok
19:07:34.0004 5716 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
19:07:34.0004 5716 arc - ok
19:07:34.0035 5716 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
19:07:34.0051 5716 arcsas - ok
19:07:34.0098 5716 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:07:34.0098 5716 AsyncMac - ok
19:07:34.0145 5716 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
19:07:34.0145 5716 atapi - ok
19:07:34.0254 5716 athr (02d34ac487df3da4e3f01874e61eb619) C:\Windows\system32\DRIVERS\athr.sys
19:07:34.0254 5716 athr - ok
19:07:34.0457 5716 atikmdag (dea99f7c76206aebdc0e390b0a1336c6) C:\Windows\system32\DRIVERS\atikmdag.sys
19:07:34.0488 5716 atikmdag - ok
19:07:34.0566 5716 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
19:07:34.0566 5716 AtiPcie - ok
19:07:34.0706 5716 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:07:34.0706 5716 Beep - ok
19:07:34.0784 5716 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
19:07:34.0784 5716 blbdrive - ok
19:07:34.0862 5716 BlueletAudio (05c2204229cadc0a74553ed71a6e3e6f) C:\Windows\system32\DRIVERS\blueletaudio.sys
19:07:34.0862 5716 BlueletAudio - ok
19:07:34.0893 5716 BlueletSCOAudio (61cc3e8fe7a041630ec8c701a2594a36) C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys
19:07:34.0893 5716 BlueletSCOAudio - ok
19:07:34.0987 5716 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
19:07:34.0987 5716 bowser - ok
19:07:35.0049 5716 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:07:35.0065 5716 BrFiltLo - ok
19:07:35.0096 5716 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:07:35.0096 5716 BrFiltUp - ok
19:07:35.0143 5716 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
19:07:35.0143 5716 Brserid - ok
19:07:35.0174 5716 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:07:35.0174 5716 BrSerWdm - ok
19:07:35.0205 5716 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:07:35.0205 5716 BrUsbMdm - ok
19:07:35.0221 5716 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
19:07:35.0221 5716 BrUsbSer - ok
19:07:35.0315 5716 BT (33a331bd56aeaef290e175e926d52c57) C:\Windows\system32\DRIVERS\btnetdrv.sys
19:07:35.0315 5716 BT - ok
19:07:35.0330 5716 BTCOM - ok
19:07:35.0346 5716 BTCOMBUS - ok
19:07:35.0408 5716 Btcsrusb (cd4113699ce34fe4b63c99aaa13f10c1) C:\Windows\system32\Drivers\btcusb.sys
19:07:35.0408 5716 Btcsrusb - ok
19:07:35.0486 5716 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
19:07:35.0486 5716 BthEnum - ok
19:07:35.0533 5716 BtHidBus (ac2e61482a57ea50730f8c2679f37040) C:\Windows\system32\Drivers\BtHidBus.sys
19:07:35.0533 5716 BtHidBus - ok
19:07:35.0564 5716 BTHidEnum - ok
19:07:35.0595 5716 BTHidMgr - ok
19:07:35.0673 5716 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:07:35.0673 5716 BTHMODEM - ok
19:07:35.0767 5716 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
19:07:35.0783 5716 BthPan - ok
19:07:35.0861 5716 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
19:07:35.0876 5716 BTHPORT - ok
19:07:36.0001 5716 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
19:07:36.0001 5716 BTHUSB - ok
19:07:36.0079 5716 btnetBUs (6783c5c81bfb640469468a80dfa1ccb3) C:\Windows\system32\Drivers\btnetBus.sys
19:07:36.0079 5716 btnetBUs - ok
19:07:36.0188 5716 catchme - ok
19:07:36.0329 5716 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:07:36.0329 5716 cdfs - ok
19:07:36.0422 5716 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
19:07:36.0422 5716 cdrom - ok
19:07:36.0469 5716 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
19:07:36.0485 5716 circlass - ok
19:07:36.0531 5716 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
19:07:36.0531 5716 CLFS - ok
19:07:36.0625 5716 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
19:07:36.0625 5716 CmBatt - ok
19:07:36.0641 5716 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys
19:07:36.0641 5716 cmdide - ok
19:07:36.0734 5716 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
19:07:36.0734 5716 Compbatt - ok
19:07:36.0812 5716 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
19:07:36.0812 5716 crcdisk - ok
19:07:36.0843 5716 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
19:07:36.0843 5716 Crusoe - ok
19:07:36.0921 5716 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
19:07:36.0921 5716 DfsC - ok
19:07:36.0999 5716 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
19:07:36.0999 5716 disk - ok
19:07:37.0093 5716 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:07:37.0093 5716 drmkaud - ok
19:07:37.0155 5716 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
19:07:37.0155 5716 DXGKrnl - ok
19:07:37.0249 5716 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:07:37.0249 5716 E1G60 - ok
19:07:37.0311 5716 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
19:07:37.0311 5716 Ecache - ok
19:07:37.0405 5716 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
19:07:37.0405 5716 elxstor - ok
19:07:37.0483 5716 enecir (004b2ea6cc2598ec5f0552e43ce29cef) C:\Windows\system32\DRIVERS\enecir.sys
19:07:37.0483 5716 enecir - ok
19:07:37.0561 5716 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
19:07:37.0561 5716 ErrDev - ok
19:07:37.0639 5716 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
19:07:37.0639 5716 exfat - ok
19:07:37.0701 5716 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
19:07:37.0701 5716 fastfat - ok
19:07:37.0733 5716 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
19:07:37.0733 5716 fdc - ok
19:07:37.0795 5716 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:07:37.0795 5716 FileInfo - ok
19:07:37.0826 5716 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:07:37.0826 5716 Filetrace - ok
19:07:37.0857 5716 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:07:37.0857 5716 flpydisk - ok
19:07:37.0935 5716 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
19:07:37.0935 5716 FltMgr - ok
19:07:38.0013 5716 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:07:38.0013 5716 Fs_Rec - ok
19:07:38.0060 5716 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
19:07:38.0060 5716 gagp30kx - ok
19:07:38.0138 5716 GDBehave (d54a94bb49ec52a930eb39a3eb4f43c6) C:\Windows\system32\drivers\GDBehave.sys
19:07:38.0138 5716 GDBehave - ok
19:07:38.0232 5716 GDMnIcpt (76e409e9264e6732359f89fbcac098a7) C:\Windows\system32\drivers\MiniIcpt.sys
19:07:38.0232 5716 GDMnIcpt - ok
19:07:38.0325 5716 GDPkIcpt (9c6e7f164cb5a8b968258eef110dbb1e) C:\Windows\system32\drivers\PktIcpt.sys
19:07:38.0325 5716 GDPkIcpt - ok
19:07:38.0435 5716 gdwfpcd (df12e76844f20e6537991e127f1202f4) C:\Windows\system32\DRIVERS\gdwfpcd32.sys
19:07:38.0435 5716 gdwfpcd - ok
19:07:38.0481 5716 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\drivers\GEARAspiWDM.sys
19:07:38.0481 5716 GEARAspiWDM - ok
19:07:38.0544 5716 GRD (0ac851cdcba2d19ac13c3975edfca777) C:\Windows\system32\drivers\GRD.sys
19:07:38.0544 5716 GRD - ok
19:07:38.0606 5716 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
19:07:38.0606 5716 HdAudAddService - ok
19:07:38.0653 5716 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:07:38.0653 5716 HDAudBus - ok
19:07:38.0684 5716 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:07:38.0700 5716 HidBth - ok
19:07:38.0731 5716 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
19:07:38.0731 5716 HidIr - ok
19:07:38.0778 5716 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
19:07:38.0778 5716 HidUsb - ok
19:07:38.0856 5716 HookCentre (17bf8a644d80daf08e28556dcb80bea2) C:\Windows\system32\drivers\HookCentre.sys
19:07:38.0856 5716 HookCentre - ok
19:07:38.0934 5716 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
19:07:38.0934 5716 HpCISSs - ok
19:07:39.0012 5716 hpdskflt (24f3f496c18efc234777723a67a85f81) C:\Windows\system32\DRIVERS\hpdskflt.sys
19:07:39.0012 5716 hpdskflt - ok
19:07:39.0043 5716 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
19:07:39.0043 5716 HpqKbFiltr - ok
19:07:39.0105 5716 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
19:07:39.0105 5716 HTTP - ok
19:07:39.0152 5716 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
19:07:39.0152 5716 i2omp - ok
19:07:39.0246 5716 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:07:39.0246 5716 i8042prt - ok
19:07:39.0293 5716 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
19:07:39.0293 5716 iaStorV - ok
19:07:39.0308 5716 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:07:39.0308 5716 iirsp - ok
19:07:39.0386 5716 intelide (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys
19:07:39.0386 5716 intelide - ok
19:07:39.0402 5716 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
19:07:39.0402 5716 intelppm - ok
19:07:39.0464 5716 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:07:39.0464 5716 IpFilterDriver - ok
19:07:39.0480 5716 IpInIp - ok
19:07:39.0511 5716 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
19:07:39.0511 5716 IPMIDRV - ok
19:07:39.0558 5716 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:07:39.0558 5716 IPNAT - ok
19:07:39.0605 5716 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:07:39.0605 5716 IRENUM - ok
19:07:39.0636 5716 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
19:07:39.0636 5716 isapnp - ok
19:07:39.0683 5716 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
19:07:39.0683 5716 iScsiPrt - ok
19:07:39.0714 5716 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:07:39.0714 5716 iteatapi - ok
19:07:39.0776 5716 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:07:39.0776 5716 iteraid - ok
19:07:39.0823 5716 IvtBtBUs (01cbb39001afda1152f3fce15ab646ea) C:\Windows\system32\Drivers\IvtBtBus.sys
19:07:39.0823 5716 IvtBtBUs - ok
19:07:39.0901 5716 JMCR (4020a60f888eaab17865a0dd2422e8d0) C:\Windows\system32\DRIVERS\jmcr.sys
19:07:39.0901 5716 JMCR - ok
19:07:39.0932 5716 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:07:39.0932 5716 kbdclass - ok
19:07:39.0995 5716 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
19:07:39.0995 5716 kbdhid - ok
19:07:40.0057 5716 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
19:07:40.0057 5716 KSecDD - ok
19:07:40.0166 5716 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:07:40.0166 5716 lltdio - ok
19:07:40.0229 5716 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
19:07:40.0244 5716 LSI_FC - ok
19:07:40.0260 5716 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
19:07:40.0260 5716 LSI_SAS - ok
19:07:40.0275 5716 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
19:07:40.0275 5716 LSI_SCSI - ok
19:07:40.0307 5716 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:07:40.0307 5716 luafv - ok
19:07:40.0338 5716 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
19:07:40.0353 5716 megasas - ok
19:07:40.0400 5716 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
19:07:40.0400 5716 MegaSR - ok
19:07:40.0431 5716 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:07:40.0431 5716 Modem - ok
19:07:40.0494 5716 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:07:40.0494 5716 monitor - ok
19:07:40.0509 5716 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:07:40.0509 5716 mouclass - ok
19:07:40.0541 5716 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:07:40.0541 5716 mouhid - ok
19:07:40.0572 5716 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:07:40.0572 5716 MountMgr - ok
19:07:40.0603 5716 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
19:07:40.0603 5716 mpio - ok
19:07:40.0650 5716 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:07:40.0650 5716 mpsdrv - ok
19:07:40.0681 5716 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:07:40.0681 5716 Mraid35x - ok
19:07:40.0728 5716 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
19:07:40.0728 5716 MRxDAV - ok
19:07:40.0775 5716 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:40.0775 5716 mrxsmb - ok
19:07:40.0837 5716 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:40.0837 5716 mrxsmb10 - ok
19:07:40.0853 5716 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:40.0853 5716 mrxsmb20 - ok
19:07:40.0931 5716 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
19:07:40.0931 5716 msahci - ok
19:07:40.0962 5716 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
19:07:40.0962 5716 msdsm - ok
19:07:41.0040 5716 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:07:41.0040 5716 Msfs - ok
19:07:41.0102 5716 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:07:41.0102 5716 msisadrv - ok
19:07:41.0165 5716 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:07:41.0165 5716 MSKSSRV - ok
19:07:41.0196 5716 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:41.0196 5716 MSPCLOCK - ok
19:07:41.0243 5716 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:07:41.0243 5716 MSPQM - ok
19:07:41.0274 5716 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
19:07:41.0289 5716 MsRPC - ok
19:07:41.0305 5716 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:07:41.0305 5716 mssmbios - ok
19:07:41.0336 5716 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:07:41.0336 5716 MSTEE - ok
19:07:41.0367 5716 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
19:07:41.0367 5716 Mup - ok
19:07:41.0430 5716 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
19:07:41.0430 5716 NativeWifiP - ok
19:07:41.0508 5716 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
19:07:41.0508 5716 NDIS - ok
19:07:41.0570 5716 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:41.0570 5716 NdisTapi - ok
19:07:41.0586 5716 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:41.0586 5716 Ndisuio - ok
19:07:41.0633 5716 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:41.0633 5716 NdisWan - ok
19:07:41.0664 5716 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:07:41.0664 5716 NDProxy - ok
19:07:41.0726 5716 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:07:41.0726 5716 NetBIOS - ok
19:07:41.0757 5716 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
19:07:41.0757 5716 netbt - ok
19:07:41.0898 5716 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
19:07:41.0913 5716 NETw3v32 - ok
19:07:41.0960 5716 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:07:41.0960 5716 nfrd960 - ok
19:07:41.0991 5716 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
19:07:41.0991 5716 Npfs - ok
19:07:42.0023 5716 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:07:42.0023 5716 nsiproxy - ok
19:07:42.0101 5716 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
19:07:42.0116 5716 Ntfs - ok
19:07:42.0147 5716 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:07:42.0147 5716 ntrigdigi - ok
19:07:42.0163 5716 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:07:42.0163 5716 Null - ok
19:07:42.0194 5716 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
19:07:42.0194 5716 nvraid - ok
19:07:42.0225 5716 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
19:07:42.0225 5716 nvstor - ok
19:07:42.0257 5716 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
19:07:42.0257 5716 nv_agp - ok
19:07:42.0272 5716 NwlnkFlt - ok
19:07:42.0288 5716 NwlnkFwd - ok
19:07:42.0366 5716 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
19:07:42.0366 5716 ohci1394 - ok
19:07:42.0413 5716 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:07:42.0428 5716 Parport - ok
19:07:42.0459 5716 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
19:07:42.0459 5716 partmgr - ok
19:07:42.0522 5716 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:07:42.0522 5716 Parvdm - ok
19:07:42.0584 5716 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:07:42.0600 5716 pccsmcfd - ok
19:07:42.0631 5716 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
19:07:42.0631 5716 pci - ok
19:07:42.0709 5716 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
19:07:42.0709 5716 pciide - ok
19:07:42.0740 5716 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:07:42.0740 5716 pcmcia - ok
19:07:42.0803 5716 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:07:42.0818 5716 PEAUTH - ok
19:07:42.0881 5716 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:07:42.0881 5716 PptpMiniport - ok
19:07:42.0912 5716 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
19:07:42.0912 5716 Processor - ok
19:07:42.0959 5716 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
19:07:42.0959 5716 PSched - ok
19:07:43.0037 5716 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
19:07:43.0052 5716 ql2300 - ok
19:07:43.0083 5716 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:07:43.0083 5716 ql40xx - ok
19:07:43.0115 5716 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:07:43.0115 5716 QWAVEdrv - ok
19:07:43.0161 5716 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:07:43.0161 5716 RasAcd - ok
19:07:43.0177 5716 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:07:43.0193 5716 Rasl2tp - ok
19:07:43.0239 5716 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
19:07:43.0239 5716 RasPppoe - ok
19:07:43.0271 5716 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
19:07:43.0271 5716 RasSstp - ok
19:07:43.0317 5716 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
19:07:43.0317 5716 rdbss - ok
19:07:43.0333 5716 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:07:43.0333 5716 RDPCDD - ok
19:07:43.0380 5716 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
19:07:43.0380 5716 rdpdr - ok
19:07:43.0411 5716 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:07:43.0411 5716 RDPENCDD - ok
19:07:43.0458 5716 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
19:07:43.0458 5716 RDPWD - ok
19:07:43.0520 5716 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
19:07:43.0520 5716 RFCOMM - ok
19:07:43.0598 5716 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
19:07:43.0598 5716 ROOTMODEM - ok
19:07:43.0629 5716 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:07:43.0629 5716 rspndr - ok
19:07:43.0707 5716 RTL8169 (53892cbd9735a80712ee9439268344b4) C:\Windows\system32\DRIVERS\Rtlh86.sys
19:07:43.0707 5716 RTL8169 - ok
19:07:43.0801 5716 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:07:43.0801 5716 sbp2port - ok
19:07:43.0879 5716 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
19:07:43.0879 5716 sdbus - ok
19:07:43.0910 5716 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:07:43.0910 5716 secdrv - ok
19:07:43.0957 5716 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
19:07:43.0957 5716 Serenum - ok
19:07:44.0019 5716 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:07:44.0035 5716 Serial - ok
19:07:44.0051 5716 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:07:44.0051 5716 sermouse - ok
19:07:44.0144 5716 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
19:07:44.0144 5716 sffdisk - ok
19:07:44.0191 5716 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
19:07:44.0191 5716 sffp_mmc - ok
19:07:44.0222 5716 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
19:07:44.0222 5716 sffp_sd - ok
19:07:44.0253 5716 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:07:44.0253 5716 sfloppy - ok
19:07:44.0503 5716 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
19:07:44.0503 5716 sisagp - ok
19:07:44.0565 5716 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
19:07:44.0565 5716 SiSRaid2 - ok
19:07:44.0597 5716 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
19:07:44.0597 5716 SiSRaid4 - ok
19:07:44.0643 5716 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
19:07:44.0643 5716 Smb - ok
19:07:44.0690 5716 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:07:44.0690 5716 spldr - ok
19:07:44.0924 5716 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
19:07:44.0924 5716 srv - ok
19:07:44.0955 5716 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
19:07:44.0971 5716 srv2 - ok
19:07:44.0987 5716 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
19:07:44.0987 5716 srvnet - ok
19:07:45.0065 5716 STHDA (b2f17b5fb428f5cd6d56b2ab7c7ff80b) C:\Windows\system32\DRIVERS\stwrt.sys
19:07:45.0080 5716 STHDA - ok
19:07:45.0111 5716 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:07:45.0111 5716 swenum - ok
19:07:45.0143 5716 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:07:45.0143 5716 Symc8xx - ok
19:07:45.0189 5716 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:07:45.0189 5716 Sym_hi - ok
19:07:45.0205 5716 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:07:45.0205 5716 Sym_u3 - ok
19:07:45.0267 5716 SynTP (aee6e411a915f50101895ba8dc5c15d4) C:\Windows\system32\DRIVERS\SynTP.sys
19:07:45.0267 5716 SynTP - ok
19:07:45.0345 5716 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
19:07:45.0345 5716 Tcpip - ok
19:07:45.0392 5716 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
19:07:45.0408 5716 Tcpip6 - ok
19:07:45.0455 5716 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
19:07:45.0455 5716 tcpipreg - ok
19:07:45.0501 5716 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:07:45.0501 5716 TDPIPE - ok
19:07:45.0533 5716 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:07:45.0533 5716 TDTCP - ok
19:07:45.0564 5716 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
19:07:45.0564 5716 tdx - ok
19:07:45.0601 5716 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
19:07:45.0602 5716 TermDD - ok
19:07:45.0679 5716 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:07:45.0680 5716 tssecsrv - ok
19:07:45.0777 5716 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:07:45.0778 5716 tunmp - ok
19:07:45.0845 5716 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
19:07:45.0846 5716 tunnel - ok
19:07:45.0942 5716 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
19:07:45.0943 5716 uagp35 - ok
19:07:46.0029 5716 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
19:07:46.0032 5716 udfs - ok
19:07:46.0071 5716 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
19:07:46.0072 5716 uliagpkx - ok
19:07:46.0107 5716 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
19:07:46.0110 5716 uliahci - ok
19:07:46.0164 5716 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:07:46.0166 5716 UlSata - ok
19:07:46.0195 5716 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:07:46.0197 5716 ulsata2 - ok
19:07:46.0252 5716 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:07:46.0253 5716 umbus - ok
19:07:46.0352 5716 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
19:07:46.0353 5716 usbaudio - ok
19:07:46.0418 5716 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:07:46.0420 5716 usbccgp - ok
19:07:46.0651 5716 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:07:46.0653 5716 usbcir - ok
19:07:46.0711 5716 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
19:07:46.0713 5716 usbehci - ok
19:07:46.0795 5716 usbfilter (edca5124b54bcf04e5c0538aa397a9c1) C:\Windows\system32\DRIVERS\usbfilter.sys
19:07:46.0796 5716 usbfilter - ok
19:07:46.0959 5716 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
19:07:46.0962 5716 usbhub - ok
19:07:47.0022 5716 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
19:07:47.0023 5716 usbohci - ok
19:07:47.0083 5716 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:07:47.0083 5716 usbprint - ok
19:07:47.0146 5716 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:07:47.0146 5716 USBSTOR - ok
19:07:47.0177 5716 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
19:07:47.0177 5716 usbuhci - ok
19:07:47.0270 5716 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
19:07:47.0286 5716 usbvideo - ok
19:07:47.0426 5716 VComm (025c2a8cba0ab595d3461d278eff5793) C:\Windows\system32\DRIVERS\VComm.sys
19:07:47.0426 5716 VComm - ok
19:07:47.0458 5716 VcommMgr (95ddf14292354887d7d8c8a0881c7485) C:\Windows\system32\Drivers\VcommMgr.sys
19:07:47.0458 5716 VcommMgr - ok
19:07:47.0520 5716 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
19:07:47.0520 5716 vga - ok
19:07:47.0567 5716 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:07:47.0567 5716 VgaSave - ok
19:07:47.0598 5716 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
19:07:47.0598 5716 viaagp - ok
19:07:47.0629 5716 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
19:07:47.0629 5716 ViaC7 - ok
19:07:47.0660 5716 viaide (ea1aa6e3abb3c194feba12a46de8cf2c) C:\Windows\system32\drivers\viaide.sys
19:07:47.0660 5716 viaide - ok
19:07:47.0676 5716 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:07:47.0692 5716 volmgr - ok
19:07:47.0723 5716 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
19:07:47.0723 5716 volmgrx - ok
19:07:47.0770 5716 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
19:07:47.0770 5716 volsnap - ok
19:07:47.0785 5716 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
19:07:47.0801 5716 vsmraid - ok
19:07:47.0848 5716 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:07:47.0848 5716 WacomPen - ok
19:07:47.0879 5716 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:47.0879 5716 Wanarp - ok
19:07:47.0894 5716 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:07:47.0910 5716 Wanarpv6 - ok
19:07:47.0941 5716 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
19:07:47.0941 5716 Wd - ok
19:07:47.0988 5716 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:07:47.0988 5716 Wdf01000 - ok
19:07:48.0082 5716 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:07:48.0082 5716 WmiAcpi - ok
19:07:48.0160 5716 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
19:07:48.0160 5716 WpdUsb - ok
19:07:48.0191 5716 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:07:48.0191 5716 ws2ifsl - ok
19:07:48.0238 5716 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:07:48.0238 5716 WUDFRd - ok
19:07:48.0284 5716 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
19:07:48.0300 5716 yukonwlh - ok
19:07:48.0347 5716 {55662437-DA8C-40c0-AADA-2C816A897A49} (556b5cfe8d21b256add7f87d7f4b4123) C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
19:07:48.0347 5716 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
19:07:48.0409 5716 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0
19:07:48.0409 5716 \Device\Harddisk0\DR0 - ok
19:07:48.0425 5716 Boot (0x1200) (d49fb56d909ab465700e85b5985d2c4c) \Device\Harddisk0\DR0\Partition0
19:07:48.0425 5716 \Device\Harddisk0\DR0\Partition0 - ok
19:07:48.0456 5716 Boot (0x1200) (eff83d0f6450c41ebbc49822339810b1) \Device\Harddisk0\DR0\Partition1
19:07:48.0456 5716 \Device\Harddisk0\DR0\Partition1 - ok
19:07:48.0456 5716 ============================================================
19:07:48.0456 5716 Scan finished
19:07:48.0456 5716 ============================================================
19:07:48.0472 3276 Detected object count: 0
19:07:48.0472 3276 Actual detected object count: 0

Réponse 9 / 39

juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention 4 796

▶ Fais un clic droit sur le lien ci dessous, choisi "Enregistrer la cible du lien sous", comme destination : ton Bureau, change son nom (ton_pseudo.exe par exemple) :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

▶ Double-clique sur ComboFix.exe

♦ Ne touche à rien (souris, clavier) tant que le scan n'est pas terminé, car tu risques de planter ton PC

▶ En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.</gras>
▶ Une fois le scan achevé, un rapport va s''afficher : Poste son contenu

Notes:
♦ Le rapport se trouve également là : C:\ComboFix.txt
♦ tutoriel combofix

Réponse 10 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

je n'y arrive pas, désolée, l'antivirus ne veut pas se désactiver et il me signale des virus quand combo travaille. il m'annonce "eicar test-not engine b". je ne sais plus quoi faire : je l'autorise à supprimer ?

Réponse 11 / 39

juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention 4 796

eicar c est pas un virus c'pour voir si ton antivirus réagit c est tout ^^

"not a virus"

il ne veut pas se désactiver ou tu ne sais pas le désactiver ??

Réponse 12 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

je viens enfin de trouver : "désactiver le gardien"

j'ai désactivé pour 30minutes : je retourne vers combofix

au fait, merci infiniment de ta présence, ça me soutient beaucoup parce que j'ai juste qu'une envie c'est chialer mais ça ne sert à rien ! mes nerfs sont à bout mais je tiens bon

Réponse 13 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

ComboFix 11-12-10.01 - h 10/12/2011 21:57:10.5.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3069.1963 [GMT 1:00]
Lancé depuis: c:\users\h\Desktop\ton_pseudo.exe
AV: G Data TotalCare 2010 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: Pare-feu personnel G Data *Enabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-11-10 au 2011-12-10 ))))))))))))))))))))))))))))))))))))
.
.
2011-12-10 21:12 . 2011-12-10 21:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-10 08:59 . 2011-12-10 20:20 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA31F3B9-DC98-4FCF-8285-399D85A09FF0}\offreg.dll
2011-12-10 07:53 . 2011-12-10 07:53 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-12-09 21:52 . 2011-12-10 07:53 -------- d-----w- C:\ZHP
2011-12-09 16:33 . 2009-10-28 02:25 49224 ----a-w- c:\program files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}\components\AvkWebFilterFF.dll
2011-12-09 16:33 . 2011-12-09 16:33 28616 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-12-09 15:39 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA31F3B9-DC98-4FCF-8285-399D85A09FF0}\mpengine.dll
2011-12-09 10:42 . 2011-12-09 19:10 29992 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-12-09 10:25 . 2011-12-09 16:35 55624 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-12-09 10:25 . 2011-12-09 16:35 47560 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2011-12-09 10:24 . 2011-12-09 16:35 35272 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2011-12-09 10:24 . 2011-12-09 10:24 335872 ----a-r- c:\users\h\AppData\Roaming\Microsoft\Installer\{C8D55041-A13C-4620-8DF4-9C5A9C16908D}\ARPPRODUCTICON.exe
2011-12-09 10:24 . 2011-12-09 16:33 40904 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-12-09 10:24 . 2011-12-09 10:24 -------- d-----w- C:\#GDATA.Trash.Store#
2011-12-09 10:23 . 2011-12-09 16:34 -------- d-----w- c:\program files\Common Files\G DATA
2011-12-09 10:23 . 2011-12-09 15:44 -------- d-----w- c:\programdata\G DATA
2011-12-09 10:23 . 2011-12-09 10:23 -------- d-----w- c:\program files\G Data
2011-12-06 21:15 . 2011-12-06 21:15 -------- d-----w- c:\program files\AMR to MP3 Converter
2011-12-03 13:45 . 2011-12-03 13:45 -------- d-sh--w- c:\users\h\AppData\Local\1cf6efbe
2011-11-26 19:16 . 2011-11-26 19:17 -------- d-----w- c:\users\h\AppData\Local\Amazon
2011-11-26 10:04 . 2011-11-26 10:04 -------- d-----w- c:\programdata\UAB
2011-11-26 10:03 . 2011-11-26 10:03 -------- d-----w- c:\users\h\AppData\Local\PC_Drivers_Headquarters
2011-11-26 10:03 . 2011-11-26 10:03 -------- d-----w- c:\programdata\Driver Mender
2011-11-26 10:02 . 2011-11-26 10:02 -------- d-----w- c:\program files\Driver Mender
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-09 21:32 . 2010-03-26 13:58 8109 ----a-w- C:\UsbFix_Upload_Me_PC-DE-H.zip
2011-11-11 06:47 . 2011-07-24 09:53 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-30 23:06 . 2011-10-11 17:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 23:02 . 2011-10-11 17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 23:01 . 2011-10-11 17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 23:01 . 2011-10-11 17:54 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 23:01 . 2011-10-11 17:54 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:07 . 2011-10-11 17:54 385024 ----a-w- c:\windows\system32\html.iec
2011-09-30 21:29 . 2011-10-11 17:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 21:28 . 2011-10-11 17:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-20 21:02 . 2011-11-09 19:36 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-14 18:43 . 2011-05-11 19:08 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-07_21.20.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2011-12-09 21:38 61688 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-08-09 14:28 . 2011-12-10 20:22 18506 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3104449442-508549085-2972703644-1000_UserData.bin
+ 2009-05-20 01:04 . 2011-12-10 19:27 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-20 01:04 . 2011-12-07 20:46 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-08-02 22:53 . 2011-12-10 19:27 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-08-02 22:53 . 2011-12-07 20:46 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-20 01:04 . 2011-12-10 19:27 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-05-20 01:04 . 2011-12-07 20:46 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-18 15:55 . 2011-12-10 08:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-08-18 15:55 . 2011-12-06 20:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-08-18 15:55 . 2011-12-06 20:57 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-08-18 15:55 . 2011-12-10 08:45 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-08-18 15:55 . 2011-12-10 08:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-08-18 15:55 . 2011-12-06 20:57 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-11 22:24 . 2011-12-06 17:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-11 22:24 . 2011-12-09 21:36 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-11 22:24 . 2011-12-09 21:36 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-11 22:24 . 2011-12-06 17:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-09 16:41 . 2011-12-09 16:41 19968 c:\windows\Installer\5c3a1.msi
+ 2011-12-09 08:37 . 2011-12-09 08:37 9560 c:\windows\System32\networklist\icons\{4342EDFF-64AC-4B2A-8E41-2B820221109C}_48.bin
+ 2011-12-09 08:37 . 2011-12-09 08:37 4280 c:\windows\System32\networklist\icons\{4342EDFF-64AC-4B2A-8E41-2B820221109C}_32.bin
+ 2011-12-09 08:37 . 2011-12-09 08:37 2456 c:\windows\System32\networklist\icons\{4342EDFF-64AC-4B2A-8E41-2B820221109C}_24.bin
+ 2011-12-10 08:59 . 2011-12-10 20:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-07 20:46 . 2011-12-07 20:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-07 20:46 . 2011-12-07 20:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-10 08:59 . 2011-12-10 20:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-09 10:25 . 2011-12-09 10:25 627200 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_750b37ff97f4f68b\msvcr90.dll
+ 2011-12-09 10:25 . 2011-12-09 10:25 851456 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_750b37ff97f4f68b\msvcp90.dll
+ 2011-12-09 10:25 . 2011-12-09 10:25 245248 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_750b37ff97f4f68b\msvcm90.dll
+ 2009-08-10 10:25 . 2011-12-10 07:14 463526 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 13:05 . 2011-12-10 20:22 115736 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-26 15:48 . 2011-12-07 20:52 679042 c:\windows\System32\perfh00C.dat
+ 2009-02-26 15:48 . 2011-12-10 20:27 679042 c:\windows\System32\perfh00C.dat
- 2006-11-02 10:33 . 2011-12-07 20:52 595996 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2011-12-10 20:27 595996 c:\windows\System32\perfh009.dat
+ 2009-02-26 15:48 . 2011-12-10 20:27 126626 c:\windows\System32\perfc00C.dat
- 2009-02-26 15:48 . 2011-12-07 20:52 126626 c:\windows\System32\perfc00C.dat
- 2006-11-02 10:33 . 2011-12-07 20:52 104070 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2011-12-10 20:27 104070 c:\windows\System32\perfc009.dat
+ 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\System32\msvcr90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\System32\msvcp90.dll
+ 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\System32\msvcm90.dll
- 2009-08-16 17:20 . 2011-12-07 20:46 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-08-16 17:20 . 2011-12-10 19:27 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-11-16 20:43 . 2011-12-07 20:45 345908 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-11-16 20:43 . 2011-12-10 08:58 345908 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-09-18 20:14 . 2011-10-22 12:06 639236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3104449442-508549085-2972703644-1000-12288.dat
+ 2011-09-18 20:14 . 2011-12-09 09:58 639236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3104449442-508549085-2972703644-1000-12288.dat
+ 2006-11-02 10:22 . 2011-12-09 10:27 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2006-11-02 10:22 . 2011-11-12 00:23 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-05-20 02:14 . 2011-12-10 08:58 1624360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-05-20 02:14 . 2011-12-07 20:45 1624360 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2010-11-16 20:43 . 2011-12-07 20:45 3864564 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3104449442-508549085-2972703644-1000-8192.dat
+ 2010-11-16 20:43 . 2011-12-10 08:58 3864564 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3104449442-508549085-2972703644-1000-8192.dat
+ 2011-12-09 10:24 . 2011-12-09 10:24 35003392 c:\windows\Installer\162fda.msi
+ 2009-08-12 04:47 . 2011-12-09 10:25 264374113 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-12-04 1410344]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-01-21 210216]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-01-08 450663]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-01 202256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-09-02 315478]
"GDFirewallTray"="c:\program files\G Data\TotalCare\Firewall\GDFirewallTray.exe" [2009-09-24 1124936]
"G DATA AntiVirus Trayapplication"="c:\program files\G Data\TotalCare\AVKTray\AVKTray.exe" [2009-09-07 925768]
.
c:\users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 G Data Tuner Service;G Data Tuner Service;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [2009-04-20 918600]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-12-05 109408]
R3 Service G Data Backup;Service G Data Backup;c:\program files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [2009-10-21 865352]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-06-17 20744]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-12-09 28616]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\DRIVERS\gdwfpcd32.sys [2011-12-09 40904]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-12-09 29992]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/05/20 03:51];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 16:04 87536]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\aestsrv.exe [2009-01-13 77824]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G DATA\AVKProxy\AVKProxy.exe [2009-12-10 1054792]
S2 AVKService;Planificateur G Data;c:\program files\G Data\TotalCare\AVK\AVKService.exe [2009-08-12 397896]
S2 AVKWCtl;G Data Gardien;c:\program files\G Data\TotalCare\AVK\AVKWCtl.exe [2009-11-25 1251488]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320]
S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2009-06-17 29192]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
S3 GDFwSvc;Pare-feu personnel G Data;c:\program files\G Data\TotalCare\Firewall\GDFwSvc.exe [2009-11-25 1547104]
S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-12-09 55624]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-12-09 47560]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G DATA\GDScan\GDScan.exe [2009-11-26 302152]
S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-12-09 35272]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2009-06-17 25480]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q={searchTerms}
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\h\AppData\Roaming\Mozilla\Firefox\Profiles\u4hhb6xf.default\
FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/config/login?.intl=fr&.src=ym&.done=https://fr.mail.yahoo.com/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-10 22:12
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,52,81,5e,67,ba,3b,4a,94,62,72,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,52,81,5e,67,ba,3b,4a,94,62,72,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(6988)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
Heure de fin: 2011-12-10 22:30:06
ComboFix-quarantined-files.txt 2011-12-10 21:29
ComboFix2.txt 2011-12-07 21:31
.
Avant-CF: 203 252 150 272 octets libres
Après-CF: 203 218 567 168 octets libres
.
- - End Of File - - 9A646B816E42E4BFFA259EDD1BCB89C2

Réponse 14 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

je vois que driver mender se trouve dans le rapport : je crois bien que c'est driver mender mon problème. pourtant je l'ai supprimé partout où je l'ai trouvé sur mon pc mais il est toujours là, planqué à droite et à gauche si je fais une bonne lecture du compte rendu de combofix.

Réponse 15 / 39

cabrier Messages postés 5591 Date d'inscription Statut Contributeur sécurité Dernière intervention 702

cosye,
Ne t'inquiète pas, je suppose que juju est allé se coucher.
Il te reprendra surement demain.

Bonne soirée.

Réponse 16 / 39

juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention 4 796

Re,

J'ai pas mal d'occupations sur internet (même de la webradio !!) mais je n'abandonne jamais personne ;)

tu parlais d'un sirefef, apparemment tu avais pu régler le soucis ? sinon combofix et/ou tdsskiller auraient du le supprimer ... or aucune trace de lui !

▶ Télécharge MBAM et installe le selon l'emplacement par défaut
https://www.malwarebytes.com/mwb-download/
▶ Effectue la mise à jour et lance Malwarebytes' Anti-Malware

▶ ▶ Si tu n''arrive pas à le mettre à jour, télécharge ce fichier , ferme MBAM, et exécute le

▶ Clique dans l'onglet du haut "Recherche"
▶ Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
▶ Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

A la fin de l'analyse, si MBAM n'a rien trouvé :

▶ Clique sur OK, le rapport s'ouvre spontanément

Si des menaces ont été détectées :

▶ Clique sur OK puis "Afficher les résultats"
▶ Choisis l'option "Supprimer la sélection"
▶ Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
▶ Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
▶ Sinon le rapport s'ouvre automatiquement après la suppression

Quelque soit le résultat, copie/colle le rapport dans le prochain message

Tutoriel : http://forums-fec.be/entraide/viewtopic.php?f=55&t=10

cabrier Messages postés 5591 Date d'inscription Statut Contributeur sécurité Dernière intervention 702

Hé juju tu dors quand ?

juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention 4 796

rarement :)

Réponse 17 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

merci juju d'être là et aussi à cabrier de veiller au sommeil de juju :) ;) j'espère te libérer bien vite. voici le rapport malwarebytes et je vais poster dans quelques minutes quelques liens vers le blog où je stocke les images des alertes virus de ces 15 derniers jours + le nouvel avertissement de windows defender arrivé juste au moment où j'ai redémarré l'ordi.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8351

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19154

11/12/2011 13:26:56
mbam-log-2011-12-11 (13-26-56).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 343403
Temps écoulé: 2 heure(s), 59 minute(s), 16 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL\SearchAssistant (Hijack.SearchPage) -> Bad: (http://www.cherche.us) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Réponse 18 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

en guise d'info, récapitulatif par les captures d'images des virus et actions
http://cosye.canalblog.com/

Réponse 19 / 39

juju666 Messages postés 35446 Date d'inscription Statut Contributeur sécurité Dernière intervention 4 796

Re,

On va chercher driver mender !

▶ Télécharge SEAF (de C_XX) sur ton Bureau.
▶ Lance SEAF
▶ Dans les options, règle "Calculer le checksum" sur "MD5" puis coche "Informations supplémentaires" et "Chercher également dans le Registre"
▶ Tape driver mender dans le champs de recherche, clique sur "Lancer la recherche" et patiente.
▶ Poste dans ta prochaine réponse le rapport qui apparait à la fin de la recherche.

Réponse 20 / 39

cosye Messages postés 39 Date d'inscription Statut Membre Dernière intervention

re juju,

Rapport ci-dessous, je me permets juste une observation avant : la touche shift sous maj est redevenue normale (quel bonheur !) : les majuscules de c, o, v, w,x et point d'interro sont enfin affichables quand je maintiens la lettre+shift appuyés, or ce n'était pas le cas pendant toute la durée de l'infection (y compris après intervention physique de l'informaticien sur mon pc, ce qui me laissait sceptique sur la résolution du problème).
La seule anomalie c'est que MAINTENANT la touche effacer (au-dessus d'entrée) n'efface plus en continu mais au clic par clic. Étrange !

. ========================= SEAF 1.0.1.0 - C_XX
2.
3. Commencé à: 19:32:20 le 11/12/2011
4.
5. Valeur(s) recherchée(s):
6. driver mender
7.
8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
9.
10. (!) --- Calcul du Hash "MD5"
11. (!) --- Informations supplémentaires
12. (!) --- Recherche registre
13.
14. ====== Fichier(s) ======
15.
16.
17. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Mender\Driver Mender.lnk" [ ARCHIVE | 2 Ko ]
18. TC: 26/11/2011,11:02:26 | TM: 26/11/2011,11:02:26 | DA: 26/11/2011,11:02:26
19.
20. Hash MD5: E49B5FDBE91C3200FE0DE35772FD65AA
21.
22.
23. =========================
24.
25.
26. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Mender\Désinstaller Driver Mender.lnk" [ ARCHIVE | 2 Ko ]
27. TC: 26/11/2011,11:02:25 | TM: 26/11/2011,11:02:25 | DA: 26/11/2011,11:02:25
28.
29. Hash MD5: 954B406BB8A8A054F15563317931A852
30.
31.
32. =========================
33.
34.
35. "C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Driver Mender\Driver Mender.lnk" [ ARCHIVE | 2 Ko ]
36. TC: 26/11/2011,11:02:26 | TM: 26/11/2011,11:02:26 | DA: 26/11/2011,11:02:26
37.
38. Hash MD5: E49B5FDBE91C3200FE0DE35772FD65AA
39.
40.
41. =========================
42.
43.
44. "C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Driver Mender\Désinstaller Driver Mender.lnk" [ ARCHIVE | 2 Ko ]
45. TC: 26/11/2011,11:02:25 | TM: 26/11/2011,11:02:25 | DA: 26/11/2011,11:02:25
46.
47. Hash MD5: 954B406BB8A8A054F15563317931A852
48.
49.
50. =========================
51.
52.
53.
54. ====== Entrée(s) du registre ======
55.
56.
57. [HKLM\Software\Classes\Installer\Assemblies\C:|Program Files|Driver Mender|Driver Mender|ThemePack.DriverMender.dll]
58. DA: 26/11/2011 11:02:32
59.
60. [HKLM\Software\Classes\Installer\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B]
61. "ProductName"="Driver Mender" (REG_SZ)
62.
63. [HKLM\Software\Classes\Installer\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B\SourceList]
64. "PackageName"="Driver Mender.msi" (REG_SZ)
65.
66. [HKLM\Software\Microsoft\.NETFramework\v2.0.50727\NGENService\Roots\C:/Program Files/Driver Mender/Driver Mender/DriverMender.exe]
67. DA: 26/11/2011 11:03:10
68.
69. [HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\DriverMender.exe]
70. ""="C:\Program Files\Driver Mender\Driver Mender\DriverMender.exe" (REG_SZ)
71.
72. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
73. "C:\Program Files\Driver Mender\Driver Mender\"="1" (REG_SZ)
74.
75. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
76. "C:\Program Files\Driver Mender\"="1" (REG_SZ)
77.
78. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
79. "C:\Program Files\Driver Mender\Driver Mender\fr\"="" (REG_SZ)
80.
81. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
82. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Mender\"="" (REG_SZ)
83.
84. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B036355C95E4E44E98F45B18FD80AAB]
85. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Agent.ExceptionLogging.XmlSerializers.dll" (REG_SZ)
86.
87. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EEC2CED148B72C439AB8572647C0A80]
88. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\fr\Agent.Communication.resources.dll" (REG_SZ)
89.
90. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1300FCF7D7AA8A145B0FA4845A42AE59]
91. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Microsoft.Practices.EnterpriseLibrary.Common.dll" (REG_SZ)
92.
93. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15C8A8E0A5920D3409D366B409421B7C]
94. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Agent.Common.dll" (REG_SZ)
95.
96. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2D8AF74495DDC9F47B67C4E2F0A4B276]
97. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\fr\Agent.Updater.resources.dll" (REG_SZ)
98.
99. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DB08EB591AD4A445BA1278825A88808]
100. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Common.dll" (REG_SZ)
101.
102. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37022B8351A77964CB33851DA911AFC5]
103. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\DriverMender.exe" (REG_SZ)
104.
105. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\413F4CFE976EF674DB0ECE3A8577A1C9]
106. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll" (REG_SZ)
107.
108. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\467D46EE8C584A14A8818A0EFABB94B8]
109. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\config.dat" (REG_SZ)
110.
111. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A035E365D459CF42A20AF679228693B]
112. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Microsoft.Practices.ObjectBuilder.dll" (REG_SZ)
113.
114. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51E4D627368C13C41B756804A6A478A8]
115. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\config.dat" (REG_SZ)
116.
117. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5465803A2ED9E314EB22C364F3C3910C]
118. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Microsoft.ApplicationBlocks.Updater.Downloaders.dll" (REG_SZ)
119.
120. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\560D410C05CE66D45B25A97188578CE5]
121. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Knowledge Base.url" (REG_SZ)
122.
123. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C054CE39984A27468D06E6DC0317544]
124. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\fr\Agent.resources.dll" (REG_SZ)
125.
126. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\622191A0FD7A81F4FA85759BEE2E76B9]
127. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Microsoft.ApplicationBlocks.Updater.dll" (REG_SZ)
128.
129. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7478A79F552C4974FBCCD42E44843EB1]
130. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\DriverMender.Updater.exe" (REG_SZ)
131.
132. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7C805D047A416D8428F5D85C883DE57A]
133. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\ExceptionLogging.dll" (REG_SZ)
134.
135. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\80F13A8DA3821734894BB06E8465D946]
136. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\fr\Agent.Common.resources.dll" (REG_SZ)
137.
138. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\91808DA248CE7E14EA9E730F2B586867]
139. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\ISUninstall.exe" (REG_SZ)
140.
141. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\92CA1883D7DD9AB45B0ADDA7C27FF3A5]
142. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Interop.WUApiLib.dll" (REG_SZ)
143.
144. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94446562A2699964290CC2BBA657CD57]
145. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\fr\Agent.ExceptionLogging.resources.dll" (REG_SZ)
146.
147. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95B4600F36F1E1643976AD65498A27F8]
148. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Agent.ExceptionLogging.dll" (REG_SZ)
149.
150. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A0DAE82ABC4618544AAE6EC5BD7A82A2]
151. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\" (REG_SZ)
152.
153. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A77BC9DE11391674286D1C264935BFD4]
154. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Agent.Communication.XmlSerializers.dll" (REG_SZ)
155.
156. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6F77C521910EDD43AE4B27CABD84108]
157. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\XPBurnComponent.dll" (REG_SZ)
158.
159. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8E9930584388AE4EB2C13421F781217]
160. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Agent.Communication.dll" (REG_SZ)
161.
162. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C24102C4392CE83C0CF5717B4B36C2DD]
163. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\" (REG_SZ)
164.
165. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D48CC798270694445806007FDBA20E6B]
166. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Microsoft.ApplicationBlocks.Updater.ActivationProcessors.dll" (REG_SZ)
167.
168. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D51C54E5E880A904BAC0420868C35819]
169. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\DriverMender.Updater.exe.config" (REG_SZ)
170.
171. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD493C0786C0EC5458E397A7FE65E014]
172. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\Agent.CPU.exe" (REG_SZ)
173.
174. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E0060DB5E274B7F4A9DE4F11ED3FF6F3]
175. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\ThemePack.DriverMender.dll" (REG_SZ)
176.
177. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E2269A73A849ACC4F824B19D88042317]
178. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\DriverMender.fr.chm" (REG_SZ)
179.
180. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F419F656325E56943BB8A2D7DDB03688]
181. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\DriverMender.exe.config" (REG_SZ)
182.
183. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F795820EF9DF9EABC08AE8EAB7C300E3]
184. "1F1CA1BF74F8ECD41ADED0BF0A4F554B"="C:\Program Files\Driver Mender\Driver Mender\" (REG_SZ)
185.
186. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B\InstallProperties]
187. "Comments"="Driver Mender Installation" (REG_SZ)
188.
189. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B\InstallProperties]
190. "Contact"="Driver Mender Technical Support" (REG_SZ)
191.
192. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B\InstallProperties]
193. "InstallLocation"="C:\Program Files\Driver Mender\Driver Mender\" (REG_SZ)
194.
195. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B\InstallProperties]
196. "Publisher"="Driver Mender" (REG_SZ)
197.
198. [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F1CA1BF74F8ECD41ADED0BF0A4F554B\InstallProperties]
199. "DisplayName"="Driver Mender" (REG_SZ)
200.
201. [HKLM\Software\Microsoft\Windows\CurrentVersion\Setup]
202. "Installation Sources"="C:\Program Files\Driver Mender
203. C:\PROGRAM FILES\REALTEK\VISTA_8169\WINVISTA
204. C:\PROGRAM FILES\REALTEK\VISTA_8169\WININBOX
205. C:\" (REG_MULTI_SZ)
206.
207. [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}]
208. "Comments"="Driver Mender Installation" (REG_SZ)
209.
210. [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}]
211. "Contact"="Driver Mender Technical Support" (REG_SZ)
212.
213. [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}]
214. "InstallLocation"="C:\Program Files\Driver Mender\Driver Mender\" (REG_SZ)
215.
216. [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}]
217. "Publisher"="Driver Mender" (REG_SZ)
218.
219. [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}]
220. "DisplayName"="Driver Mender" (REG_SZ)
221.
222. [HKLM\System\ControlSet001\Services\Eventlog\Application\Driver Mender]
223. DA: 09/12/2011 11:24:29
224.
225. [HKLM\System\ControlSet005\Services\Eventlog\Application\Driver Mender]
226. DA: 09/12/2011 11:24:29
227.
228. [HKLM\System\CurrentControlSet\Services\Eventlog\Application\Driver Mender]
229. DA: 09/12/2011 11:24:29
230.
231. =========================
232.
233. Fin à: 19:43:12 le 11/12/2011
234. 513249 Éléments analysés
235.
236. =========================
237. E.O.F

Gen variant kazy

39 réponses

Votre réponse

Discussions similaires