Se connecter avec
S'enregistrer | Connectez-vous

Infection virale, PC extrêmement lent, mémoire qui déborde, clés USB .

Dernière réponse : dans Sécurité

Hello !

Je rencontre plusieurs symptômes sur ce PC :

1. Anormalement lent. Ouvrir un fichier texte sur le bureau prend une plombe.

2. J'ai une commit memory usage de près de 1Go, alors que je n'ai que 512Mo de mémoire vive et trois programmes lancés :
- Outlook
- Firefox
- Skype
- Avira Antivir
J'ai le process de MàJ Windows wuauclt.exe et le svchost.exe qui le supporte tourne quant à lui à 200 Mo de "Private Bytes" sur Process Explorer ....

3. La clef USB que je branche dessus ressort du PC avec un Autorun.inf et un dossier ReCycLEr ...

4. Antivir m'a trouvé un virus lors de son scan : TR/Crypt.XPACK.Gen Trojan

5. Le pare-feu Windows se désactive tout seul, du coup le centre de sécurité m'alerte comme quoi tout va

6. Certains programmes se ferment seuls de temps en temps. Enfin c'est arrivé une fois où Skype et Avira ne se retrouvaient plus dans la barre des tâches à droite.


Voila, ça fait beaucoup de symptômes, mais du coup je galère à utiliser le PC, et je voudrais éviter un formattage si possible ... Je suis sûr que vous pouvez m'aider !

Merci !

Autres pages sur : infection virale extremement lent memoire deborde cles usb

Lassé par la pub ? Créez un compte

J'ai déjà lancé RSIT, en voici les deux fichiers de sortie. :) 


Le fichier info.txt:
  1. info.txt logfile of random's system information tool 1.08 2010-08-30 22:33:26
    

  2.  
  3. ======Uninstall list======
    

  4.  
  5. -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    

  6. -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    

  7. Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    

  8. Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    

  9. Adobe Reader 9.3.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
    

  10. ALZip-->"C:\Program Files\ALZip\unins000.exe"
    

  11. Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    

  12. Canon Camera Window DC_DV 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F} 
    

  13. Canon Camera Window DC_DV 6 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D} 
    

  14. Canon Camera Window DSLR 5 for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7} 
    

  15. Canon PIXMA iP3000-->C:\WINDOWS\System32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi040c.dll"
    

  16. Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4} 
    

  17. Canon ScanGear Toolbox 3.0-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon ScanGear Toolbox Ver3\Uninst.isu" -c"C:\Program Files\Canon ScanGear Toolbox Ver3\uninst.dll"
    

  18. Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
    

  19. Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6} 
    

  20. Cobian Backup 9-->C:\Program Files\Cobian Backup 9\cbUninstall.exe
    

  21. Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    

  22. Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    

  23. Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    

  24. Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    

  25. Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    

  26. Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    

  27. Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    

  28. Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
    

  29. Correctif Windows XP - KB887797-->C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe
    

  30. Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    

  31. Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    

  32. Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    

  33. Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    

  34. Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    

  35. Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
    

  36. CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
    

  37. DeepBurner v1.7.1.213-->"C:\Program Files\DeepBurner\Uninstall.exe" "C:\Program Files\DeepBurner\install.log"
    

  38. Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
    

  39. Extension Système de Microsoft Money-->MsiExec.exe /I{CF5193FB-6B37-11D5-B7D2-00AA00A204F1}
    

  40. FileZilla Client 3.2.7.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
    

  41. Folder Size for Windows-->MsiExec.exe /I{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}
    

  42. Funbridge2-->C:\PROGRA~1\GOTO~1.GAM\FUNBRI~2\UNWISE.EXE C:\PROGRA~1\GOTO~1.GAM\FUNBRI~2\INSTALL.LOG
    

  43. Google Chrome-->"C:\Program Files\Google\Chrome\Application\5.0.375.127\Installer\setup.exe" --uninstall --system-level
    

  44. Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    

  45. Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
    

  46. J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    

  47. Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    

  48. Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    

  49. Microsoft .NET Framework 1.1 Hotfix (KB886903)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
    

  50. Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    

  51. Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    

  52. Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    

  53. Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    

  54. Microsoft Money-->MsiExec.exe /I{E7298FDC-1386-11D5-8D6C-0050DAD32D95}
    

  55. Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    

  56. Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}
    

  57. Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    

  58. Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    

  59. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    

  60. MicroStaff WINASPI-->C:\PROGRA~1\MWinASPI\uninst.exe
    

  61. Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    

  62. Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    

  63. Mise à jour de sécurité pour Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
    

  64. Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    

  65. Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
    

  66. Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    

  67. Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    

  68. Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    

  69. Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    

  70. Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    

  71. Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    

  72. Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
    

  73. Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    

  74. Mise à jour de sécurité pour Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
    

  75. Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    

  76. Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    

  77. Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    

  78. Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    

  79. Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    

  80. Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    

  81. Mise à jour de sécurité pour Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    

  82. Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    

  83. Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    

  84. Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    

  85. Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
    

  86. Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    

  87. Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    

  88. Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    

  89. Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
    

  90. Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    

  91. Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    

  92. Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    

  93. Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    

  94. Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    

  95. Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
    

  96. Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    

  97. Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    

  98. Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    

  99. Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    

  100. Mise à jour pour Windows XP (KB900930)-->"C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe"
    

  101. Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    

  102. Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    

  103. Mozilla Firefox (3.5.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    

  104. MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
    

  105. nrg2iso-->MsiExec.exe /I{61879398-F35C-4628-AC95-2B84B859FE93}
    

  106. NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    

  107. OmniPage Pro 9.0-->C:\Program Files\OmniPage Pro 9.0\Deinstall.exe "C:\Program Files\OmniPage Pro 9.0\uninstall.exe -f'C:\Program Files\OmniPage Pro 9.0\DeIsL1.isu'"
    

  108. Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    

  109. Paint Shop Pro 6.0 (CD-ROM)-->C:\PROGRA~1\PAINTS~1\Unwise.exe C:\PROGRA~1\PAINTS~1\INSTALL.LOG
    

  110. PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    

  111. Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
    

  112. PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe"  -uninstall
    

  113. PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} 
    

  114. QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    

  115. RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    

  116. Scan Manager 5.2-->MsiExec.exe /I{E0A1559B-9886-11D4-8D06-0050DA284A39}
    

  117. Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    

  118. SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
    

  119. VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 
    

  120. VIAhm-->C:\WINDOWS\IsUninst.exe -f"c:\program files\VIA Hardware Monitor Utility\Uninst.isu"
    

  121. VLC media player 1.1.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    

  122. Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
    

  123. Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
    

  124. Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    

  125. Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    

  126. Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
    

  127. Windows Media Connect-->msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
    

  128. Windows Media Connect-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
    

  129. Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    

  130. Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
    

  131. Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    

  132. Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
    

  133.  
  134. ======Security center information======
    

  135.  
  136. AV: AntiVir Desktop
    

  137.  
  138. ======System event log======
    

  139.  
  140. Computer Name: LEPOUTRE
    

  141. Event Code: 1003
    

  142. Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    

  143. du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0050BAB2F30A. Il s'est
    

  144. produit l'erreur suivante : 
    

  145. Le délai de temporisation de sémaphore a expiré.
    

  146. .
    

  147. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    

  148. serveur d'adresse réseau (DHCP).
    

  149.  
  150. Record Number: 78867
    

  151. Source Name: Dhcp
    

  152. Time Written: 20100630143345.000000+120
    

  153. Event Type: Avertissement
    

  154. User: 
    

  155.  
  156. Computer Name: LEPOUTRE
    

  157. Event Code: 4201
    

  158. Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{475C8604-F365-43A0-8482-EA897FB32646} était connectée au réseau,
    

  159. et a lancé une opération normale sur la carte réseau.
    

  160.  
  161. Record Number: 78866
    

  162. Source Name: Tcpip
    

  163. Time Written: 20100630143313.000000+120
    

  164. Event Type: Informations
    

  165. User: 
    

  166.  
  167. Computer Name: LEPOUTRE
    

  168. Event Code: 2505
    

  169. Message: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{475C8604-F365-43A0-8482-EA897FB32646} car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer.
    

  170.  
  171. Record Number: 78865
    

  172. Source Name: Server
    

  173. Time Written: 20100630135040.000000+120
    

  174. Event Type: erreur
    

  175. User: 
    

  176.  
  177. Computer Name: LEPOUTRE
    

  178. Event Code: 30013
    

  179. Message: L'allocateur DHCP s'est désactivé sur l'adresse IP 192.168.2.2,
    

  180. car l'adresse IP est en dehors de l'étendue 192.168.0.0/255.255.255.0
    

  181. à partir de laquelle les adresses sont allouées aux clients DHCP.
    

  182. Pour activer l'allocateur sur cette adresse IP,
    

  183. modifiez l'étendue pour y intégrer l'adresse IP,,
    

  184. ou modifiez l'adresse IP pour qu'elle puisse faire partie de l'étendue.
    

  185.  
  186. Record Number: 78864
    

  187. Source Name: ipnathlp
    

  188. Time Written: 20100630135030.000000+120
    

  189. Event Type: erreur
    

  190. User: 
    

  191.  
  192. Computer Name: LEPOUTRE
    

  193. Event Code: 30013
    

  194. Message: L'allocateur DHCP s'est désactivé sur l'adresse IP 169.254.223.111,
    

  195. car l'adresse IP est en dehors de l'étendue 192.168.0.0/255.255.255.0
    

  196. à partir de laquelle les adresses sont allouées aux clients DHCP.
    

  197. Pour activer l'allocateur sur cette adresse IP,
    

  198. modifiez l'étendue pour y intégrer l'adresse IP,,
    

  199. ou modifiez l'adresse IP pour qu'elle puisse faire partie de l'étendue.
    

  200.  
  201. Record Number: 78863
    

  202. Source Name: ipnathlp
    

  203. Time Written: 20100630135028.000000+120
    

  204. Event Type: erreur
    

  205. User: 
    

  206.  
  207. =====Application event log=====
    

  208.  
  209. Computer Name: LEPOUTRE
    

  210. Event Code: 1000
    

  211. Message: 
    

  212. Record Number: 18385
    

  213. Source Name: Microsoft Money
    

  214. Time Written: 20100101130003.000000+060
    

  215. Event Type: erreur
    

  216. User: 
    

  217.  
  218. Computer Name: LEPOUTRE
    

  219. Event Code: 0
    

  220. Message: 
    

  221. Record Number: 18384
    

  222. Source Name: gusvc
    

  223. Time Written: 20100101115401.000000+060
    

  224. Event Type: Informations
    

  225. User: 
    

  226.  
  227. Computer Name: LEPOUTRE
    

  228. Event Code: 0
    

  229. Message: 
    

  230. Record Number: 18383
    

  231. Source Name: gusvc
    

  232. Time Written: 20100101115300.000000+060
    

  233. Event Type: Informations
    

  234. User: 
    

  235.  
  236. Computer Name: LEPOUTRE
    

  237. Event Code: 1517
    

  238. Message: Windows a sauvegardé le Registre utilisateur LEPOUTRE\Parents alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. 
    

  239.  
  240.  
  241. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
    

  242.  
  243. Record Number: 18382
    

  244. Source Name: Userenv
    

  245. Time Written: 20100101104552.000000+060
    

  246. Event Type: Avertissement
    

  247. User: AUTORITE NT\SYSTEM
    

  248.  
  249. Computer Name: LEPOUTRE
    

  250. Event Code: 1002
    

  251. Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré.
    

  252.  
  253. Record Number: 18381
    

  254. Source Name: Winlogon
    

  255. Time Written: 20100101102056.000000+060
    

  256. Event Type: Informations
    

  257. User: 
    

  258.  
  259. ======Environment variables======
    

  260.  
  261. "ComSpec"=%SystemRoot%\system32\cmd.exe
    

  262. "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ALZip;C:\Program Files\QuickTime\QTSystem
    

  263. "windir"=%SystemRoot%
    

  264. "OS"=Windows_NT
    

  265. "PROCESSOR_ARCHITECTURE"=x86
    

  266. "PROCESSOR_LEVEL"=6
    

  267. "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    

  268. "PROCESSOR_REVISION"=0a00
    

  269. "NUMBER_OF_PROCESSORS"=1
    

  270. "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    

  271. "TEMP"=%SystemRoot%\TEMP
    

  272. "TMP"=%SystemRoot%\TEMP
    

  273. "FP_NO_HOST_CHECK"=NO
    

  274. "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    

  275. "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    

  276.  
  277. -----------------EOF-----------------



Et le log.txt :
  1. Logfile of random's system information tool 1.08 (written by random/random)
    

  2. Run by Parents at 2010-08-30 22:29:36
    

  3. Microsoft Windows XP Professionnel Service Pack 2
    

  4. System drive C: has 1 GB (12%) free of 11 GB
    

  5. Total RAM: 511 MB (39% free)
    

  6.  
  7. Logfile of Trend Micro HijackThis v2.0.4
    

  8. Scan saved at 22:33:07, on 30/08/2010
    

  9. Platform: Windows XP SP2 (WinNT 5.01.2600)
    

  10. MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    

  11. Boot mode: Normal
    

  12.  
  13. Running processes:
    

  14. C:\WINDOWS\System32\smss.exe
    

  15. C:\WINDOWS\system32\winlogon.exe
    

  16. C:\WINDOWS\system32\services.exe
    

  17. C:\WINDOWS\system32\lsass.exe
    

  18. C:\WINDOWS\system32\svchost.exe
    

  19. C:\WINDOWS\System32\svchost.exe
    

  20. C:\WINDOWS\system32\spoolsv.exe
    

  21. C:\Program Files\Avira\AntiVir Desktop\sched.exe
    

  22. C:\Program Files\Cobian Backup 9\cbService.exe
    

  23. C:\Program Files\FolderSize\FolderSizeSvc.exe
    

  24. C:\Program Files\Java\jre6\bin\jqs.exe
    

  25. C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    

  26. C:\WINDOWS\system32\nvsvc32.exe
    

  27. C:\WINDOWS\System32\svchost.exe
    

  28. C:\WINDOWS\System32\wbem\wmiapsrv.exe
    

  29. C:\WINDOWS\System32\svchost.exe
    

  30. C:\WINDOWS\system32\RUNDLL32.EXE
    

  31. C:\Program Files\Cobian Backup 9\cbInterface.exe
    

  32. C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    

  33. C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    

  34. C:\WINDOWS\explorer.exe
    

  35. C:\WINDOWS\System32\dllhost.exe
    

  36. C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    

  37. C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
    

  38. C:\WINDOWS\system32\wuauclt.exe
    

  39. C:\Program Files\Mozilla Firefox\firefox.exe
    

  40. C:\Program Files\Process Explorer\procexp.exe
    

  41. C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    

  42. C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    

  43. D:\Famille\Parents\Téléchargements\RSIT.exe
    

  44. C:\Program Files\trend micro\Parents.exe
    

  45.  
  46. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.google.fr/" target="_blank">http://www.google.fr/</a>
    

  47. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a>
    

  48. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>
    

  49. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = <a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>
    

  50. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    

  51. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    

  52. O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    

  53. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    

  54. O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    

  55. O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
    

  56. O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    

  57. O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    

  58. O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    

  59. O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    

  60. O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service
    

  61. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    

  62. O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    

  63. O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    

  64. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
    

  65. O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    

  66. O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    

  67. O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    

  68. O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    

  69. O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    

  70. O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
    

  71. O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    

  72. O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    

  73. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - <a href="http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119823669188" target="_blank">http://update.microsoft.com/windowsupdate/v6/V5Controls...</a>
    

  74. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    

  75. O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    

  76. O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    

  77. O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    

  78. O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    

  79. O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
    

  80. O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    

  81. O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    

  82. O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
    

  83. O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    

  84. O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    

  85. O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    

  86. O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    

  87. O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
    

  88. O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    

  89. O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    

  90. O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    

  91. O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    

  92. O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    

  93. O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
    

  94. O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    

  95. O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
    

  96.  
  97. --
    

  98. End of file - 7163 bytes
    

  99.  
  100. ======Scheduled tasks folder======
    

  101.  
  102. C:\WINDOWS\tasks\Google Software Updater.job
    

  103. C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    

  104. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    

  105.  
  106. ======Registry dump======
    

  107.  
  108. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    

  109. Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
    

  110.  
  111. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    

  112. Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
    

  113.  
  114. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    

  115. Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
    

  116.  
  117. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    

  118. JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
    

  119.  
  120. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
    

  121. C:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 143420]
    

  122.  
  123. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    

  124. "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
    

  125. "Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
    

  126. "nwiz"=nwiz.exe /install []
    

  127. "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
    

  128. "Cobian Backup 9 interface"=C:\Program Files\Cobian Backup 9\cbInterface.exe [2008-06-24 2747392]
    

  129. "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
    

  130. "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
    

  131. "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
    

  132. "SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552]
    

  133. "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
    

  134.  
  135. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    

  136. "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
    

  137.  
  138. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
    

  139. C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [2006-11-02 528384]
    

  140.  
  141. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
    

  142. C:\Program Files\Microsoft Money\System\Money Express.exe [2001-07-25 192568]
    

  143.  
  144. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
    

  145. C:\Program Files\Microsoft Money\System\Activation.exe [2001-07-25 245810]
    

  146.  
  147. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    

  148. nwiz.exe /install []
    

  149.  
  150. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    

  151. C:\Program Files\PowerDVD\PDVDServ.exe [2004-11-02 32768]
    

  152.  
  153. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    

  154. UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-20 240128]
    

  155.  
  156. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    

  157. "dontdisplaylastusername"=0
    

  158. "legalnoticecaption"=
    

  159. "legalnoticetext"=
    

  160. "shutdownwithoutlogon"=1
    

  161. "undockwithoutlogon"=1
    

  162.  
  163. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    

  164. "NoDriveTypeAutoRun"=323
    

  165. "NoDriveAutoRun"=67108863
    

  166. "NoDrives"=0
    

  167.  
  168. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    

  169. "NoDriveAutoRun"=67108863
    

  170. "NoDriveTypeAutoRun"=323
    

  171. "NoDrives"=0
    

  172.  
  173. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    

  174. "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    

  175. "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
    

  176. "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    

  177. "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
    

  178.  
  179. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    

  180. "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    

  181. "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    

  182. "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
    

  183.  
  184.  
  185. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
    

  186. "Debugger=""C:\PROGRAM FILES\PROCESS EXPLORER\PROCEXP.EXE"
    

  187.  
  188. ======List of files/folders created in the last 3 months======
    

  189.  
  190. 2010-08-30 22:29:34 ----D---- C:\rsit
    

  191. 2010-08-30 22:06:27 ----D---- C:\Program Files\Process Explorer
    

  192. 2010-08-30 21:42:22 ----A---- C:\WINDOWS\system32\muweb.dll
    

  193. 2010-08-30 21:42:22 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    

  194. 2010-08-30 21:42:22 ----A---- C:\WINDOWS\system32\mucltui.dll
    

  195. 2010-08-30 16:30:19 ----D---- C:\Documents and Settings\Parents\Application Data\vlc
    

  196. 2010-08-30 16:19:04 ----SHD---- C:\Config.Msi
    

  197. 2010-08-30 16:15:23 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    

  198. 2010-08-30 16:15:23 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    

  199. 2010-08-30 16:15:23 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    

  200. 2010-08-30 16:15:22 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    

  201. 2010-08-30 16:15:09 ----D---- C:\WINDOWS\LastGood
    

  202. 2010-08-30 16:09:51 ----D---- C:\Documents and Settings\Parents\Application Data\Avira
    

  203. 2010-08-30 16:08:14 ----SHD---- C:\RECYCLER
    

  204. 2010-08-30 15:41:37 ----A---- C:\Boot.bak
    

  205. 2010-08-30 15:41:30 ----RASHD---- C:\cmdcons
    

  206. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\zip.exe
    

  207. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\SWREG.exe
    

  208. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\sed.exe
    

  209. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\PEV.exe
    

  210. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\NIRCMD.exe
    

  211. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\MBR.exe
    

  212. 2010-08-30 15:37:01 ----A---- C:\WINDOWS\grep.exe
    

  213. 2010-08-30 15:37:00 ----A---- C:\WINDOWS\SWXCACLS.exe
    

  214. 2010-08-30 15:37:00 ----A---- C:\WINDOWS\SWSC.exe
    

  215. 2010-08-30 15:36:36 ----D---- C:\WINDOWS\ERDNT
    

  216. 2010-08-30 15:28:28 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
    

  217. 2010-08-30 15:28:26 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
    

  218. 2010-08-30 15:28:26 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
    

  219. 2010-08-30 15:28:26 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
    

  220. 2010-08-30 15:28:25 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
    

  221. 2010-08-30 15:28:06 ----D---- C:\Program Files\Avira
    

  222. 2010-08-30 15:28:06 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    

  223. 2010-08-30 15:17:37 ----ASH---- C:\pagefile.sys
    

  224. 2010-08-30 14:44:16 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
    

  225. 2010-08-30 12:46:06 ----A---- C:\WINDOWS\system32\javaws.exe
    

  226. 2010-08-30 12:46:06 ----A---- C:\WINDOWS\system32\javaw.exe
    

  227. 2010-08-30 12:46:06 ----A---- C:\WINDOWS\system32\java.exe
    

  228. 2010-08-30 12:37:15 ----D---- C:\Program Files\Trend Micro
    

  229. 2010-06-16 16:32:23 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
    

  230. 2010-06-16 16:31:35 ----A---- C:\WINDOWS\system32\deployJava1.dll
    

  231.  
  232. ======List of files/folders modified in the last 3 months======
    

  233.  
  234. 2010-08-30 22:26:05 ----D---- C:\WINDOWS\Prefetch
    

  235. 2010-08-30 22:10:17 ----D---- C:\WINDOWS\system32\drivers
    

  236. 2010-08-30 22:06:27 ----RD---- C:\Program Files
    

  237. 2010-08-30 22:05:09 ----D---- C:\Program Files\ALZip
    

  238. 2010-08-30 21:52:35 ----D---- C:\Program Files\Mozilla Firefox
    

  239. 2010-08-30 21:44:22 ----D---- C:\WINDOWS\system32\CatRoot
    

  240. 2010-08-30 21:42:24 ----D---- C:\WINDOWS\Temp
    

  241. 2010-08-30 21:42:22 ----D---- C:\WINDOWS\system32
    

  242. 2010-08-30 21:42:21 ----HD---- C:\WINDOWS\inf
    

  243. 2010-08-30 18:46:57 ----D---- C:\WINDOWS\system32\NtmsData
    

  244. 2010-08-30 18:02:03 ----D---- C:\WINDOWS\repair
    

  245. 2010-08-30 18:01:55 ----D---- C:\WINDOWS\Registration
    

  246. 2010-08-30 17:03:31 ----D---- C:\WINDOWS\Microsoft.NET
    

  247. 2010-08-30 16:24:13 ----D---- C:\Documents and Settings\Parents\Application Data\Skype
    

  248. 2010-08-30 16:24:06 ----SHD---- C:\WINDOWS\Installer
    

  249. 2010-08-30 16:23:09 ----D---- C:\WINDOWS\SxsCaPendDel
    

  250. 2010-08-30 16:21:51 ----RSD---- C:\WINDOWS\assembly
    

  251. 2010-08-30 16:20:49 ----D---- C:\Program Files\Windows Live
    

  252. 2010-08-30 16:18:12 ----D---- C:\WINDOWS\WinSxS
    

  253. 2010-08-30 16:16:10 ----D---- C:\WINDOWS
    

  254. 2010-08-30 16:15:42 ----D---- C:\WINDOWS\SoftwareDistribution
    

  255. 2010-08-30 16:15:41 ----D---- C:\WINDOWS\Help
    

  256. 2010-08-30 16:15:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
    

  257. 2010-08-30 16:14:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
    

  258. 2010-08-30 16:13:20 ----D---- C:\Bridge Base Online
    

  259. 2010-08-30 16:02:53 ----D---- C:\Documents and Settings\Parents\Application Data\skypePM
    

  260. 2010-08-30 15:54:04 ----A---- C:\WINDOWS\system.ini
    

  261. 2010-08-30 15:53:45 ----D---- C:\WINDOWS\system32\CatRoot2
    

  262. 2010-08-30 15:53:33 ----D---- C:\WINDOWS\system32\drivers\etc
    

  263. 2010-08-30 15:53:00 ----SD---- C:\WINDOWS\Tasks
    

  264. 2010-08-30 15:45:47 ----D---- C:\WINDOWS\AppPatch
    

  265. 2010-08-30 15:45:36 ----D---- C:\Program Files\Fichiers communs
    

  266. 2010-08-30 15:41:37 ----RASH---- C:\boot.ini
    

  267. 2010-08-30 15:37:33 ----A---- C:\WINDOWS\SchedLgU.Txt
    

  268. 2010-08-30 15:27:09 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    

  269. 2010-08-30 15:17:36 ----D---- C:\Program Files\AVG Free
    

  270. 2010-08-30 14:46:23 ----D---- C:\WINDOWS\nview
    

  271. 2010-08-30 14:26:12 ----D---- C:\Program Files\UltraVNC
    

  272. 2010-08-30 13:36:14 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    

  273. 2010-08-30 12:47:01 ----D---- C:\Program Files\Unlocker
    

  274. 2010-08-30 12:46:31 ----D---- C:\Program Files\Fichiers communs\Java
    

  275. 2010-08-30 12:45:43 ----D---- C:\Program Files\DivX
    

  276. 2010-08-30 12:45:32 ----D---- C:\Program Files\Java
    

  277. 2010-08-30 12:37:16 ----D---- C:\WINDOWS\system
    

  278. 2010-08-10 10:17:54 ----D---- C:\Program Files\Paint Shop Pro 6
    

  279. 2010-08-08 23:19:58 ----D---- C:\Documents and Settings\Parents\Application Data\Intelli-studio
    

  280. 2010-07-30 23:42:45 ----D---- C:\Documents and Settings\Parents\Application Data\FileZilla
    

  281. 2010-07-30 14:55:28 ----D---- C:\Documents and Settings\Parents\Application Data\Canon
    

  282. 2010-07-04 19:22:02 ----D---- C:\Program Files\Canon ScanGear Toolbox Ver3
    

  283.  
  284. ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    

  285.  
  286. R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
    

  287. R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
    

  288. R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
    

  289. R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
    

  290. R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2002-03-19 27648]
    

  291. R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2002-03-19 27648]
    

  292. R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-20 41600]
    

  293. R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    

  294. R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
    

  295. R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
    

  296. R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
    

  297. R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-18 3279]
    

  298. R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
    

  299. R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
    

  300. R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    

  301. R3 DLKRTS;D-Link DFE-530TX+ PCI Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\DLKRTS.SYS [2000-07-18 29820]
    

  302. R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000]
    

  303. R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    

  304. R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    

  305. R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
    

  306. R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-04 15104]
    

  307. R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    

  308. R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    

  309. R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2001-11-25 41152]
    

  310. R4 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys []
    

  311. S1 Hmnt;Hmnt; C:\WINDOWS\system32\drivers\Hmnt.sys [2000-03-23 11182]
    

  312. S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    

  313. S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
    

  314. S3 fbxusb;FreeBox USB Network Adapter; C:\WINDOWS\System32\DRIVERS\fbxusb.sys [2003-12-31 18848]
    

  315. S3 GemSealC;GemSealC; C:\WINDOWS\system32\DRIVERS\GemSealC.sys []
    

  316. S3 GemXGMBus;Gemalto Smart Card Bus Enumerator; C:\WINDOWS\system32\DRIVERS\GemXGMBus.sys [2007-04-03 15872]
    

  317. S3 hamachi_oem;PlayLinc Adapter; C:\WINDOWS\system32\DRIVERS\gan_adapter.sys [2006-10-19 10664]
    

  318. S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
    

  319. S3 mbr;mbr; \??\C:\DOCUME~1\Parents\LOCALS~1\Temp\mbr.sys []
    

  320. S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    

  321. S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    

  322. S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    

  323. S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys []
    

  324. S3 QV2KUX;Appareil photo numérique Casio; C:\WINDOWS\System32\DRIVERS\qv2kux.sys [2001-08-17 3328]
    

  325. S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    

  326. S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
    

  327. S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
    

  328. S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
    

  329. S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
    

  330. S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
    

  331. S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
    

  332. S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
    

  333. S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    

  334. S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    

  335. S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
    

  336. S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    

  337. S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
    

  338. S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
    

  339. S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    

  340. S3 wsvad_driver;WS Audio Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [2008-08-27 16896]
    

  341. S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2006-11-04 611064]
    

  342.  
  343. ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    

  344.  
  345. R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
    

  346. R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
    

  347. R2 CobianBackupAmanita;Cobian Backup 9 service; C:\Program Files\Cobian Backup 9\cbService.exe [2008-06-24 582144]
    

  348. R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2006-03-25 98304]
    

  349. R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
    

  350. R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    

  351. R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
    

  352. R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    

  353. S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01 136176]
    

  354. S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
    

  355. S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    

  356. S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    

  357. S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    

  358. S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
    

  359. S3 WmcCdsLs;Aide de Windows Media Connect (WMC); C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
    

  360.  
  361. -----------------EOF-----------------

Bonsoir Sham_Rock !

Merci de t'occuper de mon cas ! :) 

Bon, pour le rapport ComboFix, trop tard, il a déjà valdingué. Je recommence et je te poste ça dès que je peux.

Concernant la balise code, si tu double clique dessus, les numéros de ligne disparaissent, magie ! :D 
Mais bon, prochaine fois j'utilise www.cijoint.com , promis ! :p 

Sinon, j'ai réussi à cerner un peu plus les problèmes.

Environ une fois sur deux quand je démarre le PC, j'ai ça, en lieu et place du logo Windows :

Google m'indique que c'est lié à la corruption de la base de registre, mais je trouve bizarre que dans ce cas ça ne le fasse pas à tous les coups ... :heink: 

Pour ce qui est des problèmes de performances, en désactivant le service "Mises à jour Windows", j'arrive à empêcher "wuauclt.exe" de se lancer, et du coup, plus de consommation excessive des ressources de ce process et du "svchost.exe" correspondant, et plus de fermeture intempestive du pare-feu Windows ou de Antivir.
Par contre, cette solution temporaire ne me satisfait qu'à moitié, j'aimerai bien pouvoir récupérer la possibilité de mettre à jour correctement mon Windows !

Voila, si tout ça peut t'aider, tant mieux !

Yop!

Je te poste le premier rapport ComboFix ci-dessous.

Dès que possible, je m'occupe de TDSSKiller et du nouveau rapport ComboFix.

Merci de ton aide.



ComboFix 10-09-01.02 - Parents 01/09/2010 22:33:26.2.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.511.62 [GMT 2:00]
Lancé depuis: c:\documents and settings\Parents\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((( Fichiers créés du 2010-08-01 au 2010-09-01 ))))))))))))))))))))))))))))))))))))
.

2010-08-31 01:43 . 2010-08-31 04:54 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-08-30 20:06 . 2010-08-30 20:06 -------- d-----w- c:\program files\Process Explorer
2010-08-30 19:42 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-08-30 19:42 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-08-30 14:30 . 2010-08-31 17:22 -------- d-----w- c:\documents and settings\Parents\Application Data\vlc
2010-08-30 14:09 . 2010-08-30 14:09 -------- d-----w- c:\documents and settings\Parents\Application Data\Avira
2010-08-30 13:28 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-08-30 13:28 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-08-30 13:28 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-08-30 13:28 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-08-30 13:28 . 2010-08-30 13:28 -------- d-----w- c:\program files\Avira
2010-08-30 13:28 . 2010-08-30 13:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-08-30 12:44 . 2010-08-30 12:44 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2010-08-30 10:37 . 2010-08-31 16:53 -------- d-----w- c:\program files\Trend Micro
2010-08-09 12:30 . 2010-05-23 15:50 73216 ----a-w- c:\documents and settings\Arnaud\Application Data\Mozilla\Firefox\Profiles\wzwth3f6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
2010-08-09 12:30 . 2010-04-18 12:33 307200 ----a-w- c:\documents and settings\Arnaud\Application Data\Mozilla\Firefox\Profiles\wzwth3f6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
2010-08-09 12:30 . 2010-04-18 12:33 172032 ----a-w- c:\documents and settings\Arnaud\Application Data\Mozilla\Firefox\Profiles\wzwth3f6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
2010-08-09 07:14 . 2010-08-09 07:14 61440 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7806ca1e-n\decora-sse.dll
2010-08-09 07:14 . 2010-08-09 07:14 503808 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-55b68a8d-n\msvcp71.dll
2010-08-09 07:14 . 2010-08-09 07:14 499712 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-55b68a8d-n\jmc.dll
2010-08-09 07:14 . 2010-08-09 07:14 348160 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-55b68a8d-n\msvcr71.dll
2010-08-09 07:14 . 2010-08-09 07:14 12800 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7806ca1e-n\decora-d3d.dll
2010-08-08 15:31 . 2010-08-08 15:31 61440 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4bf61bf1-n\decora-sse.dll
2010-08-08 15:31 . 2010-08-08 15:31 503808 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3f082ea2-n\msvcp71.dll
2010-08-08 15:31 . 2010-08-08 15:31 499712 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3f082ea2-n\jmc.dll
2010-08-08 15:31 . 2010-08-08 15:31 348160 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3f082ea2-n\msvcr71.dll
2010-08-08 15:31 . 2010-08-08 15:31 12800 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4bf61bf1-n\decora-d3d.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-01 20:40 . 2006-05-15 18:11 -------- d-----w- c:\documents and settings\Parents\Application Data\Skype
2010-09-01 13:38 . 2008-05-12 15:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-08-31 15:33 . 2007-09-22 09:42 -------- d-----w- c:\program files\MyPhoneExplorer
2010-08-31 15:20 . 2008-08-14 20:08 -------- d-----w- c:\program files\SuperCopier2
2010-08-31 12:39 . 2008-05-12 15:37 -------- d-----w- c:\program files\Google
2010-08-31 09:20 . 2008-08-10 12:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-30 20:05 . 2006-02-15 11:22 -------- d-----w- c:\program files\ALZip
2010-08-30 14:20 . 2009-12-12 10:26 -------- d-----w- c:\program files\Windows Live
2010-08-30 14:02 . 2008-03-06 19:48 -------- d-----w- c:\documents and settings\Parents\Application Data\skypePM
2010-08-30 12:26 . 2006-09-08 13:14 -------- d-----w- c:\program files\UltraVNC
2010-08-30 10:47 . 2007-06-20 14:18 -------- d-----w- c:\program files\Unlocker
2010-08-30 10:46 . 2006-02-18 12:18 -------- d-----w- c:\program files\Fichiers communs\Java
2010-08-30 10:45 . 2007-03-03 18:03 -------- d-----w- c:\program files\DivX
2010-08-30 10:45 . 2006-02-18 12:18 -------- d-----w- c:\program files\Java
2010-08-10 08:19 . 2005-09-07 14:12 -------- d-----w- c:\documents and settings\Arnaud\Application Data\Canon
2010-08-10 08:17 . 2005-06-27 10:03 -------- d-----w- c:\program files\Paint Shop Pro 6
2010-08-08 21:19 . 2009-11-07 18:34 -------- d-----w- c:\documents and settings\Parents\Application Data\Intelli-studio
2010-07-30 21:42 . 2009-01-31 18:10 -------- d-----w- c:\documents and settings\Parents\Application Data\FileZilla
2010-07-30 12:55 . 2005-07-11 08:52 -------- d-----w- c:\documents and settings\Parents\Application Data\Canon
2010-07-17 03:00 . 2010-06-16 14:31 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-04 17:22 . 2005-06-26 21:26 -------- d-----w- c:\program files\Canon ScanGear Toolbox Ver3
2010-06-22 11:02 . 2010-06-22 11:02 503808 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1df3ff17-n\msvcp71.dll
2010-06-22 11:02 . 2010-06-22 11:02 499712 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1df3ff17-n\jmc.dll
2010-06-22 11:02 . 2010-06-22 11:02 348160 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1df3ff17-n\msvcr71.dll
2010-06-22 11:02 . 2010-06-22 11:02 61440 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-557f9aaa-n\decora-sse.dll
2010-06-22 11:02 . 2010-06-22 11:02 12800 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-557f9aaa-n\decora-d3d.dll
2010-06-16 14:31 . 2010-06-16 14:31 503808 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11a0c9b6-n\msvcp71.dll
2010-06-16 14:31 . 2010-06-16 14:31 499712 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11a0c9b6-n\jmc.dll
2010-06-16 14:31 . 2010-06-16 14:31 348160 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11a0c9b6-n\msvcr71.dll
2010-06-16 14:31 . 2010-06-16 14:31 61440 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-142d163d-n\decora-sse.dll
2010-06-16 14:31 . 2010-06-16 14:31 12800 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-142d163d-n\decora-d3d.dll
2010-06-16 14:17 . 2010-06-16 14:17 503808 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-614a9c87-n\msvcp71.dll
2010-06-16 14:17 . 2010-06-16 14:17 499712 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-614a9c87-n\jmc.dll
2010-06-16 14:17 . 2010-06-16 14:17 348160 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-614a9c87-n\msvcr71.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" [2008-06-24 2747392]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
2006-11-02 15:57 528384 ----a-w- c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
2001-07-25 08:00 192568 ----a-w- c:\program files\Microsoft Money\System\Money Express.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
2001-07-25 08:00 245810 ----a-w- c:\program files\Microsoft Money\System\Activation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 11:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MSIServer"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [30/08/2010 15:28 135336]
R2 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [29/06/2008 15:03 582144]
R3 DLKRTS;D-Link DFE-530TX+ PCI Adapter NT Driver;c:\windows\system32\drivers\DLKRTS.sys [27/09/2000 17:49 29820]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [01/04/2010 22:13 136176]
S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\drivers\fbxusb.sys [21/05/2004 23:53 18848]
S3 GemSealC;GemSealC;c:\windows\system32\DRIVERS\GemSealC.sys --> c:\windows\system32\DRIVERS\GemSealC.sys [?]
S3 GemXGMBus;Gemalto Smart Card Bus Enumerator;c:\windows\system32\drivers\GemXGMBus.sys [03/04/2007 17:10 15872]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [19/10/2006 13:11 10664]
S3 wsvad_driver;WS Audio Device;c:\windows\system32\drivers\VirtualAudio.sys [16/01/2009 19:47 16896]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15/02/2006 14:06 611064]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - Hmnt
.
Contenu du dossier 'Tâches planifiées'

2010-09-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-12 18:54]

2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 20:12]

2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 20:12]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Parents\Application Data\Mozilla\Firefox\Profiles\468iaooo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\documents and settings\Parents\Application Data\Mozilla\Firefox\Profiles\468iaooo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff35\gears.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-01 22:39
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2010-09-01 22:43:02
ComboFix-quarantined-files.txt 2010-09-01 20:42

Avant-CF: 3 147 984 896 octets libres
Après-CF: 3 127 578 624 octets libres

- - End Of File - - 23B9A191A4B19D6FEA93943DEAF5085D

Bon, je n'ai pas l'impression de voir quoi que ce soit dans ce rapport ... :/ 

A part bien sûr le fait qu'il y a plein de choses qui ne sont plus d'actualité, notamment dans les drivers. Et dans les récentes modifications, on voit les traces de mon passage pour nettoyer et désinstaller la plupart des programmes du PC. :D 

Yop !

Alors voici le log TDSS :


2010/09/06 21:46:07.0259 TDSS rootkit removing tool 2.4.1.4 Aug 31 2010 16:55:25
2010/09/06 21:46:07.0259 ================================================================================
2010/09/06 21:46:07.0259 SystemInfo:
2010/09/06 21:46:07.0259
2010/09/06 21:46:07.0259 OS Version: 5.1.2600 ServicePack: 2.0
2010/09/06 21:46:07.0259 Product type: Workstation
2010/09/06 21:46:07.0259 ComputerName: LEPOUTRE
2010/09/06 21:46:07.0259 UserName: Parents
2010/09/06 21:46:07.0259 Windows directory: C:\WINDOWS
2010/09/06 21:46:07.0259 System windows directory: C:\WINDOWS
2010/09/06 21:46:07.0259 Processor architecture: Intel x86
2010/09/06 21:46:07.0259 Number of processors: 1
2010/09/06 21:46:07.0259 Page size: 0x1000
2010/09/06 21:46:07.0259 Boot type: Normal boot
2010/09/06 21:46:07.0259 ================================================================================
2010/09/06 21:46:07.0819 Initialize success
2010/09/06 21:46:12.0386 ================================================================================
2010/09/06 21:46:12.0386 Scan started
2010/09/06 21:46:12.0386 Mode: Manual;
2010/09/06 21:46:12.0386 ================================================================================
2010/09/06 21:46:14.0078 ACPI (0bd94fbfc14ea3606cd6ca4c0255baa3) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/09/06 21:46:14.0199 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/09/06 21:46:14.0459 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2010/09/06 21:46:14.0689 AFD (944ca435bfcfc82cc1ed9e3a7d731aa9) C:\WINDOWS\System32\drivers\afd.sys
2010/09/06 21:46:15.0270 AmdK7 (c0f59933070392e662b3c2bb2be77955) C:\WINDOWS\system32\DRIVERS\amdk7.sys
2010/09/06 21:46:15.0821 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/09/06 21:46:15.0991 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/09/06 21:46:16.0201 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/09/06 21:46:16.0442 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/09/06 21:46:16.0732 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2010/09/06 21:46:16.0912 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2010/09/06 21:46:17.0053 avipbb (1289e9a5d9118a25a13c0009519088e3) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2010/09/06 21:46:17.0263 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/09/06 21:46:17.0624 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/09/06 21:46:17.0804 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/09/06 21:46:18.0054 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/09/06 21:46:18.0214 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/09/06 21:46:18.0355 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/09/06 21:46:19.0136 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/09/06 21:46:19.0266 DLKRTS (156af70b4f2dfbb92544e41b894580c7) C:\WINDOWS\system32\DRIVERS\DLKRTS.SYS
2010/09/06 21:46:19.0536 dmboot (e2d3b7620310fe56685f9b15a6b404b3) C:\WINDOWS\system32\drivers\dmboot.sys
2010/09/06 21:46:19.0827 dmio (c77f5c20aa70197a69aa84baa9de43c8) C:\WINDOWS\system32\DRIVERS\dmio.sys
2010/09/06 21:46:19.0937 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/09/06 21:46:20.0077 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2010/09/06 21:46:20.0327 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/09/06 21:46:20.0638 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/09/06 21:46:20.0768 fbxusb (99b2f2d42631afaf14269a92ab68390f) C:\WINDOWS\system32\DRIVERS\fbxusb.sys
2010/09/06 21:46:20.0948 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/09/06 21:46:21.0099 Fips (8b121ff880683607ab2aef0340721718) C:\WINDOWS\system32\drivers\Fips.sys
2010/09/06 21:46:21.0269 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/09/06 21:46:21.0459 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/09/06 21:46:21.0579 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/09/06 21:46:21.0739 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/09/06 21:46:21.0840 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2010/09/06 21:46:22.0100 GemXGMBus (704d5898b2e62a3378e4d83c63bf3e7c) C:\WINDOWS\system32\DRIVERS\GemXGMBus.sys
2010/09/06 21:46:22.0290 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/09/06 21:46:22.0521 hamachi_oem (c25c70fd4d49391091d9eb8c747f19e6) C:\WINDOWS\system32\DRIVERS\gan_adapter.sys
2010/09/06 21:46:22.0981 HCF_MSFT (39e9b873299ccfc827241bccfc03be76) C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
2010/09/06 21:46:23.0562 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/09/06 21:46:23.0872 Hmnt (3d2e4d3184e1e3195c2cbe1951f3fec3) C:\WINDOWS\system32\drivers\Hmnt.sys
2010/09/06 21:46:24.0443 HTTP (bfb7b73c942e816c4fb4a5a7bae87136) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/09/06 21:46:25.0264 i8042prt (d1efcbd693b5ba21314d06368c471070) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/09/06 21:46:25.0495 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/09/06 21:46:25.0905 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/09/06 21:46:26.0046 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/09/06 21:46:26.0266 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/09/06 21:46:26.0526 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/09/06 21:46:26.0697 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/09/06 21:46:26.0927 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/09/06 21:46:27.0117 isapnp (54632f1a7de61dc3615d756f2a90fa72) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/09/06 21:46:27.0287 Kbdclass (e798705e8dc7fab596ef6bfdf167e007) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/09/06 21:46:27.0538 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2010/09/06 21:46:27.0758 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/09/06 21:46:28.0119 MASPINT (a2ae666cee860babe7fa6f1662b71737) C:\WINDOWS\system32\drivers\MASPINT.sys
2010/09/06 21:46:28.0339 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/09/06 21:46:28.0499 Modem (5ac7e16f5b40a6da14b5f2b3ada4693e) C:\WINDOWS\system32\drivers\Modem.sys
2010/09/06 21:46:28.0629 Mouclass (7d4f19411bd941e1d432a99e24230386) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/09/06 21:46:28.0830 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/09/06 21:46:28.0980 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/09/06 21:46:29.0180 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/09/06 21:46:29.0350 MRxSmb (5ddc9a1b2eb5a4bf010ce8c019a18c1f) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/09/06 21:46:29.0581 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2010/09/06 21:46:29.0761 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/09/06 21:46:29.0931 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/09/06 21:46:30.0091 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/09/06 21:46:30.0272 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/09/06 21:46:30.0442 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/09/06 21:46:30.0652 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2010/09/06 21:46:30.0812 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/09/06 21:46:31.0003 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2010/09/06 21:46:31.0163 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/09/06 21:46:31.0313 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/09/06 21:46:31.0463 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/09/06 21:46:31.0634 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/09/06 21:46:31.0804 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/09/06 21:46:31.0974 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/09/06 21:46:32.0114 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/09/06 21:46:32.0415 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2010/09/06 21:46:32.0595 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/09/06 21:46:32.0805 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/09/06 21:46:33.0216 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/09/06 21:46:34.0057 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/09/06 21:46:34.0247 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/09/06 21:46:34.0468 Parport (318696359ac7df48d1e51974ec527dd2) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/09/06 21:46:34.0688 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/09/06 21:46:34.0808 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/09/06 21:46:34.0958 PCI (7c5da5c1ed801ad8b0309d5514f0b75e) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/09/06 21:46:35.0229 Pcmcia (641da274e163617ea7a33506bc6da8e3) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/09/06 21:46:36.0040 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/09/06 21:46:36.0200 PQNTDrv (29c3ef414266a768944bcd32bb3b5835) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2010/09/06 21:46:36.0330 Processor (f480712b761e538bc8e44ede60f3a3c3) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/09/06 21:46:36.0531 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/09/06 21:46:36.0711 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/09/06 21:46:36.0871 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/09/06 21:46:37.0532 QV2KUX (0087f01d35a65b32393cc8bba46ee4a6) C:\WINDOWS\system32\DRIVERS\qv2kux.sys
2010/09/06 21:46:37.0682 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/09/06 21:46:37.0863 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/09/06 21:46:38.0033 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/09/06 21:46:38.0193 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/09/06 21:46:38.0323 Rdbss (809ca45caa9072b3176ad44579d7f688) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/09/06 21:46:38.0443 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/09/06 21:46:38.0624 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/09/06 21:46:38.0844 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/09/06 21:46:39.0054 redbook (2cc30b68dd62b73d444a41322cd7fc4c) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/09/06 21:46:39.0315 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2010/09/06 21:46:39.0555 SE27bus (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys
2010/09/06 21:46:39.0725 SE27mdfl (d53e7e53107d1796825540129f8fe89f) C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys
2010/09/06 21:46:39.0916 SE27mdm (2afa2f65a6e91da5b5070e734769827e) C:\WINDOWS\system32\DRIVERS\SE27mdm.sys
2010/09/06 21:46:40.0136 SE27mgmt (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys
2010/09/06 21:46:40.0336 se27nd5 (bb30139683bbf3ee89ec931393d9335c) C:\WINDOWS\system32\DRIVERS\se27nd5.sys
2010/09/06 21:46:40.0577 SE27obex (5da6ff71e94b9134ddd094ebb09f05e6) C:\WINDOWS\system32\DRIVERS\SE27obex.sys
2010/09/06 21:46:40.0767 se27unic (4d54a9d7c22157ab3d2442e8bcf5ecd2) C:\WINDOWS\system32\DRIVERS\se27unic.sys
2010/09/06 21:46:40.0947 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/09/06 21:46:41.0137 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/09/06 21:46:41.0268 Serial (653201755ca96ab4aaa4131daf6da356) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/09/06 21:46:41.0478 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
2010/09/06 21:46:41.0578 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
2010/09/06 21:46:41.0718 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2010/09/06 21:46:41.0888 sfvfs02 (d5a7e09d2c6a702809e49190d52adc9f) C:\WINDOWS\system32\drivers\sfvfs02.sys
2010/09/06 21:46:42.0149 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/09/06 21:46:42.0409 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2010/09/06 21:46:42.0680 sptd (090adc3d9b5730ac3b20bdd5a54e2d28) C:\WINDOWS\system32\Drivers\sptd.sys
2010/09/06 21:46:42.0940 sr (b52181023b827acda36c1b76751ebffd) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/09/06 21:46:43.0140 Srv (553007ecce7f6565bbe645beb66d3b69) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/09/06 21:46:43.0320 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2010/09/06 21:46:43.0491 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/09/06 21:46:43.0681 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/09/06 21:46:43.0831 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2010/09/06 21:46:44.0342 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/09/06 21:46:44.0552 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/09/06 21:46:44.0753 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/09/06 21:46:44.0933 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/09/06 21:46:45.0093 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/09/06 21:46:45.0433 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2010/09/06 21:46:45.0724 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2010/09/06 21:46:45.0974 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/09/06 21:46:46.0145 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/09/06 21:46:46.0295 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/09/06 21:46:46.0585 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/09/06 21:46:46.0745 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/09/06 21:46:46.0926 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/09/06 21:46:47.0106 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/09/06 21:46:47.0256 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/09/06 21:46:47.0416 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/09/06 21:46:47.0587 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2010/09/06 21:46:47.0757 viaagp (004d6ee11e1303d0a4c7502402c9f396) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2010/09/06 21:46:47.0807 viaagp1 (004d6ee11e1303d0a4c7502402c9f396) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2010/09/06 21:46:47.0967 ViaIde (a5d8b6c8d43786d4215c1df6fab0aae0) C:\WINDOWS\system32\DRIVERS\viaidexp.sys
2010/09/06 21:46:48.0087 VIAPFD (662626bccf060f2f4b6d5af7ac121ff5) C:\WINDOWS\System32\Drivers\VIAPFD.SYS
2010/09/06 21:46:48.0248 VIAudio (da53291981dbe44de51f5ad827de7a68) C:\WINDOWS\system32\drivers\viaudio.sys
2010/09/06 21:46:48.0368 vncdrv (4ec979b157d1aa075330362acb5424e5) C:\WINDOWS\system32\DRIVERS\vncdrv.sys
2010/09/06 21:46:48.0538 VolSnap (313b1a0d5db26dfe1c34a6c13b2ce0a7) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/09/06 21:46:48.0708 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/09/06 21:46:48.0949 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/09/06 21:46:49.0359 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/09/06 21:46:49.0539 wsvad_driver (9d76b1d030d2af9ffbcfbb445c155663) C:\WINDOWS\system32\drivers\VirtualAudio.sys
2010/09/06 21:46:49.0790 ================================================================================
2010/09/06 21:46:49.0790 Scan finished
2010/09/06 21:46:49.0790 ================================================================================
2010/09/06 21:47:07.0295 ================================================================================
2010/09/06 21:47:07.0295 Scan started
2010/09/06 21:47:07.0295 Mode: Manual;
2010/09/06 21:47:07.0295 ================================================================================
2010/09/06 21:47:08.0096 ACPI (0bd94fbfc14ea3606cd6ca4c0255baa3) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/09/06 21:47:08.0206 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/09/06 21:47:08.0417 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2010/09/06 21:47:08.0527 AFD (944ca435bfcfc82cc1ed9e3a7d731aa9) C:\WINDOWS\System32\drivers\afd.sys
2010/09/06 21:47:08.0927 AmdK7 (c0f59933070392e662b3c2bb2be77955) C:\WINDOWS\system32\DRIVERS\amdk7.sys
2010/09/06 21:47:09.0428 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/09/06 21:47:09.0538 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/09/06 21:47:09.0738 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/09/06 21:47:09.0859 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/09/06 21:47:09.0969 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2010/09/06 21:47:10.0109 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2010/09/06 21:47:10.0249 avipbb (1289e9a5d9118a25a13c0009519088e3) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2010/09/06 21:47:10.0379 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/09/06 21:47:10.0660 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/09/06 21:47:10.0780 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/09/06 21:47:10.0990 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/09/06 21:47:11.0100 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/09/06 21:47:11.0211 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/09/06 21:47:11.0841 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/09/06 21:47:11.0952 DLKRTS (156af70b4f2dfbb92544e41b894580c7) C:\WINDOWS\system32\DRIVERS\DLKRTS.SYS
2010/09/06 21:47:12.0192 dmboot (e2d3b7620310fe56685f9b15a6b404b3) C:\WINDOWS\system32\drivers\dmboot.sys
2010/09/06 21:47:12.0322 dmio (c77f5c20aa70197a69aa84baa9de43c8) C:\WINDOWS\system32\DRIVERS\dmio.sys
2010/09/06 21:47:12.0442 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/09/06 21:47:12.0563 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2010/09/06 21:47:12.0763 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/09/06 21:47:13.0013 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/09/06 21:47:13.0133 fbxusb (99b2f2d42631afaf14269a92ab68390f) C:\WINDOWS\system32\DRIVERS\fbxusb.sys
2010/09/06 21:47:13.0213 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/09/06 21:47:13.0314 Fips (8b121ff880683607ab2aef0340721718) C:\WINDOWS\system32\drivers\Fips.sys
2010/09/06 21:47:13.0424 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/09/06 21:47:13.0514 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/09/06 21:47:13.0684 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/09/06 21:47:13.0794 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/09/06 21:47:13.0874 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2010/09/06 21:47:14.0105 GemXGMBus (704d5898b2e62a3378e4d83c63bf3e7c) C:\WINDOWS\system32\DRIVERS\GemXGMBus.sys
2010/09/06 21:47:14.0255 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/09/06 21:47:14.0425 hamachi_oem (c25c70fd4d49391091d9eb8c747f19e6) C:\WINDOWS\system32\DRIVERS\gan_adapter.sys
2010/09/06 21:47:14.0595 HCF_MSFT (39e9b873299ccfc827241bccfc03be76) C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
2010/09/06 21:47:14.0756 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/09/06 21:47:14.0866 Hmnt (3d2e4d3184e1e3195c2cbe1951f3fec3) C:\WINDOWS\system32\drivers\Hmnt.sys
2010/09/06 21:47:15.0096 HTTP (bfb7b73c942e816c4fb4a5a7bae87136) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/09/06 21:47:15.0417 i8042prt (d1efcbd693b5ba21314d06368c471070) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/09/06 21:47:15.0527 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/09/06 21:47:15.0897 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/09/06 21:47:16.0017 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/09/06 21:47:16.0168 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/09/06 21:47:16.0308 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/09/06 21:47:16.0438 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/09/06 21:47:16.0558 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/09/06 21:47:16.0688 isapnp (54632f1a7de61dc3615d756f2a90fa72) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/09/06 21:47:16.0839 Kbdclass (e798705e8dc7fab596ef6bfdf167e007) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/09/06 21:47:16.0949 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2010/09/06 21:47:17.0069 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/09/06 21:47:17.0430 MASPINT (a2ae666cee860babe7fa6f1662b71737) C:\WINDOWS\system32\drivers\MASPINT.sys
2010/09/06 21:47:17.0580 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/09/06 21:47:17.0690 Modem (5ac7e16f5b40a6da14b5f2b3ada4693e) C:\WINDOWS\system32\drivers\Modem.sys
2010/09/06 21:47:17.0820 Mouclass (7d4f19411bd941e1d432a99e24230386) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/09/06 21:47:17.0970 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/09/06 21:47:18.0100 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/09/06 21:47:18.0311 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/09/06 21:47:18.0481 MRxSmb (5ddc9a1b2eb5a4bf010ce8c019a18c1f) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/09/06 21:47:18.0631 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2010/09/06 21:47:18.0781 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/09/06 21:47:18.0902 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/09/06 21:47:19.0042 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/09/06 21:47:19.0162 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/09/06 21:47:19.0272 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/09/06 21:47:19.0402 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2010/09/06 21:47:19.0543 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/09/06 21:47:19.0693 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2010/09/06 21:47:19.0803 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/09/06 21:47:19.0913 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/09/06 21:47:20.0043 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/09/06 21:47:20.0193 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/09/06 21:47:20.0314 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/09/06 21:47:20.0444 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/09/06 21:47:20.0574 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/09/06 21:47:20.0764 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2010/09/06 21:47:20.0894 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/09/06 21:47:21.0055 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/09/06 21:47:21.0415 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/09/06 21:47:21.0636 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/09/06 21:47:21.0756 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/09/06 21:47:21.0946 Parport (318696359ac7df48d1e51974ec527dd2) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/09/06 21:47:22.0056 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/09/06 21:47:22.0176 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/09/06 21:47:22.0317 PCI (7c5da5c1ed801ad8b0309d5514f0b75e) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/09/06 21:47:22.0597 Pcmcia (641da274e163617ea7a33506bc6da8e3) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/09/06 21:47:23.0338 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/09/06 21:47:23.0488 PQNTDrv (29c3ef414266a768944bcd32bb3b5835) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2010/09/06 21:47:23.0598 Processor (f480712b761e538bc8e44ede60f3a3c3) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/09/06 21:47:23.0749 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/09/06 21:47:23.0879 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/09/06 21:47:24.0039 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/09/06 21:47:24.0650 QV2KUX (0087f01d35a65b32393cc8bba46ee4a6) C:\WINDOWS\system32\DRIVERS\qv2kux.sys
2010/09/06 21:47:24.0760 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/09/06 21:47:24.0900 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/09/06 21:47:25.0020 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/09/06 21:47:25.0161 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/09/06 21:47:25.0261 Rdbss (809ca45caa9072b3176ad44579d7f688) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/09/06 21:47:25.0351 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/09/06 21:47:25.0501 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/09/06 21:47:25.0671 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/09/06 21:47:25.0812 redbook (2cc30b68dd62b73d444a41322cd7fc4c) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/09/06 21:47:25.0972 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2010/09/06 21:47:26.0132 SE27bus (59a9eb4073a39895af314780d0a032fa) C:\WINDOWS\system32\DRIVERS\SE27bus.sys
2010/09/06 21:47:26.0252 SE27mdfl (d53e7e53107d1796825540129f8fe89f) C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys
2010/09/06 21:47:26.0392 SE27mdm (2afa2f65a6e91da5b5070e734769827e) C:\WINDOWS\system32\DRIVERS\SE27mdm.sys
2010/09/06 21:47:26.0613 SE27mgmt (5a33a8d7b44c7bd8abe248b4dcd1ff3c) C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys
2010/09/06 21:47:26.0853 se27nd5 (bb30139683bbf3ee89ec931393d9335c) C:\WINDOWS\system32\DRIVERS\se27nd5.sys
2010/09/06 21:47:27.0113 SE27obex (5da6ff71e94b9134ddd094ebb09f05e6) C:\WINDOWS\system32\DRIVERS\SE27obex.sys
2010/09/06 21:47:27.0384 se27unic (4d54a9d7c22157ab3d2442e8bcf5ecd2) C:\WINDOWS\system32\DRIVERS\se27unic.sys
2010/09/06 21:47:27.0844 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/09/06 21:47:28.0355 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/09/06 21:47:28.0626 Serial (653201755ca96ab4aaa4131daf6da356) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/09/06 21:47:28.0986 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
2010/09/06 21:47:29.0277 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
2010/09/06 21:47:29.0507 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2010/09/06 21:47:29.0737 sfvfs02 (d5a7e09d2c6a702809e49190d52adc9f) C:\WINDOWS\system32\drivers\sfvfs02.sys
2010/09/06 21:47:29.0937 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/09/06 21:47:30.0108 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2010/09/06 21:47:30.0278 sptd (090adc3d9b5730ac3b20bdd5a54e2d28) C:\WINDOWS\system32\Drivers\sptd.sys
2010/09/06 21:47:30.0408 sr (b52181023b827acda36c1b76751ebffd) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/09/06 21:47:30.0558 Srv (553007ecce7f6565bbe645beb66d3b69) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/09/06 21:47:30.0669 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2010/09/06 21:47:30.0789 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/09/06 21:47:30.0909 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/09/06 21:47:31.0039 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2010/09/06 21:47:31.0410 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/09/06 21:47:31.0580 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/09/06 21:47:31.0700 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/09/06 21:47:31.0800 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/09/06 21:47:31.0930 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/09/06 21:47:32.0161 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2010/09/06 21:47:32.0381 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2010/09/06 21:47:32.0531 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/09/06 21:47:32.0651 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/09/06 21:47:32.0762 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/09/06 21:47:32.0892 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/09/06 21:47:33.0032 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/09/06 21:47:33.0152 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/09/06 21:47:33.0272 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/09/06 21:47:33.0392 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/09/06 21:47:33.0503 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/09/06 21:47:33.0593 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2010/09/06 21:47:33.0893 viaagp (004d6ee11e1303d0a4c7502402c9f396) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2010/09/06 21:47:33.0953 viaagp1 (004d6ee11e1303d0a4c7502402c9f396) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2010/09/06 21:47:34.0083 ViaIde (a5d8b6c8d43786d4215c1df6fab0aae0) C:\WINDOWS\system32\DRIVERS\viaidexp.sys
2010/09/06 21:47:34.0194 VIAPFD (662626bccf060f2f4b6d5af7ac121ff5) C:\WINDOWS\System32\Drivers\VIAPFD.SYS
2010/09/06 21:47:34.0334 VIAudio (da53291981dbe44de51f5ad827de7a68) C:\WINDOWS\system32\drivers\viaudio.sys
2010/09/06 21:47:34.0464 vncdrv (4ec979b157d1aa075330362acb5424e5) C:\WINDOWS\system32\DRIVERS\vncdrv.sys
2010/09/06 21:47:34.0584 VolSnap (313b1a0d5db26dfe1c34a6c13b2ce0a7) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/09/06 21:47:34.0724 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/09/06 21:47:35.0005 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/09/06 21:47:35.0325 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/09/06 21:47:35.0445 wsvad_driver (9d76b1d030d2af9ffbcfbb445c155663) C:\WINDOWS\system32\drivers\VirtualAudio.sys
2010/09/06 21:47:35.0676 ================================================================================
2010/09/06 21:47:35.0676 Scan finished
2010/09/06 21:47:35.0676 ================================================================================


Et le log ComboFix suivant :


ComboFix 10-09-06.02 - Parents 06/09/2010 21:56:00.3.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.511.27 [GMT 2:00]
Lancé depuis: c:\documents and settings\Parents\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((( Fichiers créés du 2010-08-06 au 2010-09-06 ))))))))))))))))))))))))))))))))))))
.

2010-08-31 01:43 . 2010-08-31 04:54 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-08-30 20:06 . 2010-08-30 20:06 -------- d-----w- c:\program files\Process Explorer
2010-08-30 19:42 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-08-30 19:42 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-08-30 14:30 . 2010-09-05 14:45 -------- d-----w- c:\documents and settings\Parents\Application Data\vlc
2010-08-30 14:09 . 2010-08-30 14:09 -------- d-----w- c:\documents and settings\Parents\Application Data\Avira
2010-08-30 13:28 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-08-30 13:28 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-08-30 13:28 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-08-30 13:28 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-08-30 13:28 . 2010-08-30 13:28 -------- d-----w- c:\program files\Avira
2010-08-30 13:28 . 2010-08-30 13:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-08-30 12:44 . 2010-08-30 12:44 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2010-08-30 10:37 . 2010-08-31 16:53 -------- d-----w- c:\program files\Trend Micro
2010-08-09 12:30 . 2010-05-23 15:50 73216 ----a-w- c:\documents and settings\Arnaud\Application Data\Mozilla\Firefox\Profiles\wzwth3f6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
2010-08-09 12:30 . 2010-04-18 12:33 307200 ----a-w- c:\documents and settings\Arnaud\Application Data\Mozilla\Firefox\Profiles\wzwth3f6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
2010-08-09 12:30 . 2010-04-18 12:33 172032 ----a-w- c:\documents and settings\Arnaud\Application Data\Mozilla\Firefox\Profiles\wzwth3f6.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
2010-08-09 07:14 . 2010-08-09 07:14 61440 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7806ca1e-n\decora-sse.dll
2010-08-09 07:14 . 2010-08-09 07:14 503808 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-55b68a8d-n\msvcp71.dll
2010-08-09 07:14 . 2010-08-09 07:14 499712 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-55b68a8d-n\jmc.dll
2010-08-09 07:14 . 2010-08-09 07:14 348160 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-55b68a8d-n\msvcr71.dll
2010-08-09 07:14 . 2010-08-09 07:14 12800 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-7806ca1e-n\decora-d3d.dll
2010-08-08 15:31 . 2010-08-08 15:31 61440 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4bf61bf1-n\decora-sse.dll
2010-08-08 15:31 . 2010-08-08 15:31 503808 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3f082ea2-n\msvcp71.dll
2010-08-08 15:31 . 2010-08-08 15:31 499712 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3f082ea2-n\jmc.dll
2010-08-08 15:31 . 2010-08-08 15:31 348160 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-3f082ea2-n\msvcr71.dll
2010-08-08 15:31 . 2010-08-08 15:31 12800 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4bf61bf1-n\decora-d3d.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 20:03 . 2006-05-15 18:11 -------- d-----w- c:\documents and settings\Parents\Application Data\Skype
2010-09-06 19:44 . 2006-02-15 11:22 -------- d-----w- c:\program files\ALZip
2010-09-06 18:43 . 2008-05-12 15:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-09-04 07:56 . 2005-06-27 10:03 -------- d-----w- c:\program files\Paint Shop Pro 6
2010-08-31 15:33 . 2007-09-22 09:42 -------- d-----w- c:\program files\MyPhoneExplorer
2010-08-31 15:20 . 2008-08-14 20:08 -------- d-----w- c:\program files\SuperCopier2
2010-08-31 12:39 . 2008-05-12 15:37 -------- d-----w- c:\program files\Google
2010-08-31 09:20 . 2008-08-10 12:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-30 14:20 . 2009-12-12 10:26 -------- d-----w- c:\program files\Windows Live
2010-08-30 14:02 . 2008-03-06 19:48 -------- d-----w- c:\documents and settings\Parents\Application Data\skypePM
2010-08-30 12:26 . 2006-09-08 13:14 -------- d-----w- c:\program files\UltraVNC
2010-08-30 10:47 . 2007-06-20 14:18 -------- d-----w- c:\program files\Unlocker
2010-08-30 10:46 . 2006-02-18 12:18 -------- d-----w- c:\program files\Fichiers communs\Java
2010-08-30 10:45 . 2007-03-03 18:03 -------- d-----w- c:\program files\DivX
2010-08-30 10:45 . 2006-02-18 12:18 -------- d-----w- c:\program files\Java
2010-08-10 08:19 . 2005-09-07 14:12 -------- d-----w- c:\documents and settings\Arnaud\Application Data\Canon
2010-08-08 21:19 . 2009-11-07 18:34 -------- d-----w- c:\documents and settings\Parents\Application Data\Intelli-studio
2010-07-30 21:42 . 2009-01-31 18:10 -------- d-----w- c:\documents and settings\Parents\Application Data\FileZilla
2010-07-30 12:55 . 2005-07-11 08:52 -------- d-----w- c:\documents and settings\Parents\Application Data\Canon
2010-07-17 03:00 . 2010-06-16 14:31 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-22 11:02 . 2010-06-22 11:02 503808 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1df3ff17-n\msvcp71.dll
2010-06-22 11:02 . 2010-06-22 11:02 499712 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1df3ff17-n\jmc.dll
2010-06-22 11:02 . 2010-06-22 11:02 348160 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1df3ff17-n\msvcr71.dll
2010-06-22 11:02 . 2010-06-22 11:02 61440 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-557f9aaa-n\decora-sse.dll
2010-06-22 11:02 . 2010-06-22 11:02 12800 ----a-w- c:\documents and settings\Parents\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-557f9aaa-n\decora-d3d.dll
2010-06-16 14:31 . 2010-06-16 14:31 503808 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11a0c9b6-n\msvcp71.dll
2010-06-16 14:31 . 2010-06-16 14:31 499712 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11a0c9b6-n\jmc.dll
2010-06-16 14:31 . 2010-06-16 14:31 348160 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-11a0c9b6-n\msvcr71.dll
2010-06-16 14:31 . 2010-06-16 14:31 61440 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-142d163d-n\decora-sse.dll
2010-06-16 14:31 . 2010-06-16 14:31 12800 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-142d163d-n\decora-d3d.dll
2010-06-16 14:17 . 2010-06-16 14:17 503808 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-614a9c87-n\msvcp71.dll
2010-06-16 14:17 . 2010-06-16 14:17 499712 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-614a9c87-n\jmc.dll
2010-06-16 14:17 . 2010-06-16 14:17 348160 ----a-w- c:\documents and settings\Arnaud\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-614a9c87-n\msvcr71.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-09-01_20.39.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-06 06:13 . 2010-09-06 06:13 16384 c:\windows\Temp\Perflib_Perfdata_62c.dat
+ 2010-09-06 18:21 . 2010-09-06 18:21 16384 c:\windows\Temp\Perflib_Perfdata_590.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" [2008-06-24 2747392]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
2006-11-02 15:57 528384 ----a-w- c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
2001-07-25 08:00 192568 ----a-w- c:\program files\Microsoft Money\System\Money Express.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
2001-07-25 08:00 245810 ----a-w- c:\program files\Microsoft Money\System\Activation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 11:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MSIServer"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [30/08/2010 15:28 135336]
R2 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [29/06/2008 15:03 582144]
R3 DLKRTS;D-Link DFE-530TX+ PCI Adapter NT Driver;c:\windows\system32\drivers\DLKRTS.sys [27/09/2000 17:49 29820]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [01/04/2010 22:13 136176]
S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\drivers\fbxusb.sys [21/05/2004 23:53 18848]
S3 GemSealC;GemSealC;c:\windows\system32\DRIVERS\GemSealC.sys --> c:\windows\system32\DRIVERS\GemSealC.sys [?]
S3 GemXGMBus;Gemalto Smart Card Bus Enumerator;c:\windows\system32\drivers\GemXGMBus.sys [03/04/2007 17:10 15872]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [19/10/2006 13:11 10664]
S3 wsvad_driver;WS Audio Device;c:\windows\system32\drivers\VirtualAudio.sys [16/01/2009 19:47 16896]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15/02/2006 14:06 611064]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - KLMD24
*Deregistered* - Hmnt
*Deregistered* - klmd24
.
Contenu du dossier 'Tâches planifiées'

2010-09-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-12 18:54]

2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 20:12]

2010-09-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 20:12]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Parents\Application Data\Mozilla\Firefox\Profiles\468iaooo.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - component: c:\documents and settings\Parents\Application Data\Mozilla\Firefox\Profiles\468iaooo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff35\gears.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 22:02
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2010-09-06 22:09:11
ComboFix-quarantined-files.txt 2010-09-06 20:09

Avant-CF: 3 001 040 896 octets libres
Après-CF: 3 007 799 296 octets libres

- - End Of File - - 1124C4B8204681D0AF097288E5CC1E4E


Perso, je ne vois rien de bien méchant là-dedans ...
Lassé par la pub ? Créez un compte

Créer un nouveau sujet

Tom's guide dans le monde