HijackThis report, infected PC, help please

Re,

Thanks again a thousand times for your help

So here is the ZHPDiag report:

Rapport de ZHPDiag v1.24.45 par Nicolas Coolman
Run by Administrateur at 18/01/2010 17:06:36
Web site : www.premiumorange.com…
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
MSIE: Internet Explorer v6.0.2900.2180

Boot mode: Normal (Normal boot)
Total RAM: 191 MB (26% free)
System drive C: has 4 GB (10%) free of 37 GB

—\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 37 Go)
D:\ CD-ROM drive (Not Inserted)

—\ Processus lancés
[MD5.1BD6C2F707A275CB7C16FD99FE0F31CA] - C:\WINDOWS\System32\svchost.exe
[MD5.732E0B1ABAACE15D80EC19056B0A2AF9] - C:\WINDOWS\system32\services.exe
[MD5.9F3744A5C6F49291A7A685040A013399] - C:\WINDOWS\system32\lsass.exe
[MD5.B4EF928E4FAD79364A80ACBA6D999934] - C:\WINDOWS\system32\spoolsv.exe

—\ Pages de démarrage d’Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.microsoft.com…

—\ Pages de recherche d’Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ie.search.msn.com…

—\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\system32\shdocvw.dll

—\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (not file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (not file)

—\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx

—\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM…\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM…\policies\Explorer: [NoDrives] Data=0
O4 - HKCU…\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKCU…\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKCU…\policies\Explorer: [NoDrives] Data=0

—\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll

—\ Piratage de l’Option ‘Rétablir les paramètres Web’ (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com…

—\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll

—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll

—\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Spouleur d’impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe

—\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1078145449-725345543-500Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1078145449-725345543-500UA.job

—\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Outlook Express\setup50.exe” /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Outils d’installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Carnet d’adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - “%ProgramFiles%\Outlook Express\setup50.exe” /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx
O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

—\ Pilotes lancés au démarrage (O41)
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Pilote de connexion automatique d’accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

—\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: CCleaner
O42 - Logiciel: Guitar Pro 5.0
O42 - Logiciel: MSVCRT
O42 - Logiciel: Malwarebytes’ Anti-Malware
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Realtek AC’97 Audio
O42 - Logiciel: Revo Uninstaller 1.85
O42 - Logiciel: SAGEM Wi-Fi 11g USB adapter (pilote)
O42 - Logiciel: Sagem Wi-Fi 11g USB adapter (driver)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: VLC media player 1.0.1
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: eMule

—\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 5
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes’ Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\movie maker
O43 - CFD:Common File Directory ----D- C:\Program Files\msn gaming zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek AC97
O43 - CFD:Common File Directory ----D- C:\Program Files\Securitoo
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 18/01/2010 - 16:54:57 —A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/01/2010 - 16:51:52 —A- C:\WINDOWS\0.log
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 18/01/2010 - 16:51:41 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:[MD5.CB051D06106ADC9F5C15DAE2A21EA927] - 16/01/2010 - 20:01:41 —A- C:\ComboFix.txt
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 16/01/2010 - 19:51:16 —A- C:\WINDOWS\system.ini
O44 - LFC:[MD5.B628952F330F85E5862A4D92BA0F9512] - 16/01/2010 - 19:42:18 RSHA- C:\boot.ini
O44 - LFC:[MD5.B7B344A383243B32862FE90C66568265] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:[MD5.683349A08822D0357C979F906C1D4216] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:[MD5.33711E10954ADF2099296BE96B1D2DA8] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:[MD5.48341D625040FCD27388F4A92EBAD4C4] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:[MD5.36844B51E2D5EF74FF9F42475FA763D2] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:[MD5.D833C1B233595F55098F9264E2D69E20] - 12/01/2010 - 09:13:54 —A- C:\WINDOWS\System32\d3d9caps.dat
O44 - LFC:[MD5.73B18BEAD24FD93FD0A2A4D11BF6FCCB] - 12/01/2010 - 08:25:01 —A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 —A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 —A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:[MD5.3862A8602F0B99E8E3475EFD3A6DAE21] - 04/01/2010 - 02:51:28 —A- C:\WINDOWS\System32\deploytk.dll

—\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

—\ Export de clé d’application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - “%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - “C:\Program Files\eMule\emule.exe”="C:\Program Files\eMule\emule.exe::Enabled:eMule"
O47 - AAKE:Key Export DP - “%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

—\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

—\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\vgasave.sys

—\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

—\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM…\Drivers"timer"=“timer.drv”
O52 - TDSD:HKLM…\Drivers32"midimapper"=“midimap.dll”
O52 - TDSD:HKLM…\Drivers32"msacm.imaadpcm"=“imaadp32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.msadpcm"=“msadp32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.msg711"=“msg711.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.msgsm610"=“msgsm32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.trspch"=“tssoft32.acm”
O52 - TDSD:HKLM…\Drivers32"vidc.cvid"=“iccvid.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.I420"=“msh263.drv”
O52 - TDSD:HKLM…\Drivers32"vidc.iv31"=“ir32_32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.iv32"=“ir32_32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.iv41"=“ir41_32.ax”
O52 - TDSD:HKLM…\Drivers32"vidc.iyuv"=“iyuv_32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.mrle"=“msrle32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.msvc"=“msvidc32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.uyvy"=“msyuv.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.yuy2"=“msyuv.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.yvu9"=“tsbyuv.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.yvyu"=“msyuv.dll”
O52 - TDSD:HKLM…\Drivers32"wavemapper"=“msacm32.drv”
O52 - TDSD:HKLM…\Drivers32"msacm.msg723"=“msg723.acm”
O52 - TDSD:HKLM…\Drivers32"vidc.M263"=“msh263.drv”
O52 - TDSD:HKLM…\Drivers32"vidc.M261"=“msh261.drv”
O52 - TDSD:HKLM…\Drivers32"msacm.msaudio1"=“msaud32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.sl_anet"=“sl_anet.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.iac2"=“C:\WINDOWS\system32\iac25_32.ax”
O52 - TDSD:HKLM…\Drivers32"vidc.iv50"=“ir50_32.dll”
O52 - TDSD:HKLM…\Drivers32"msacm.l3acm"=“C:\WINDOWS\system32\l3codeca.acm”
O52 - TDSD:HKLM…\Drivers32"wave"=“wdmaud.drv”
O52 - TDSD:HKLM…\Drivers32"midi"=“wdmaud.drv”
O52 - TDSD:HKLM…\Drivers32"mixer"=“wdmaud.drv”
O52 - TDSD:HKLM…\Drivers32"msacm.siren"=“sirenacm.dll”
O52 - TDSD:HKLM…\drivers.desc"msaud32.acm"=“Windows Media Audio Codec”
O52 - TDSD:HKLM…\drivers.desc"sl_anet.acm"=“Sipro Lab Telecom Audio Codec”
O52 - TDSD:HKLM…\drivers.desc"C:\WINDOWS\system32\iac25_32.ax"=“Indeo® audio software”
O52 - TDSD:HKLM…\drivers.desc"ir50_32.dll"=“Indeo® video 5.10”
O52 - TDSD:HKLM…\drivers.desc"C:\WINDOWS\system32\l3codeca.acm"=“Fraunhofer IIS MPEG Layer-3 Codec”
O52 - TDSD:HKLM…\drivers.desc"wdmaud.drv"=“Realtek AC’97 Audio”
O52 - TDSD:HKLM…\drivers.desc"sirenacm.dll"=“Messenger Audio Codec”

—\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM…\CurrentControlSet\Control] - “SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM…\ControlSet001\Control] - “SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

—\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM…\Policies\System] - “dontdisplaylastusername”=0
O55 - MWPS:[HKLM…\Policies\System] - “legalnoticecaption”=
O55 - MWPS:[HKLM…\Policies\System] - “legalnoticetext”=
O55 - MWPS:[HKLM…\Policies\System] - “shutdownwithoutlogon”=1
O55 - MWPS:[HKLM…\Policies\System] - “undockwithoutlogon”=1
O55 - MWPS:[HKLM…\Policies\System] - “DisableRegistryTools”=0

—\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU…\Policies\Explorer] - “NoDriveTypeAutoRun”=323
O56 - MWPE:[HKCU…\Policies\Explorer] - “NoDriveAutoRun”=67108863
O56 - MWPE:[HKCU…\Policies\Explorer] - “NoDrives”=0
O56 - MWPE:[HKLM…\Policies\Explorer] - “NoDriveAutoRun”=67108863
O56 - MWPE:[HKLM…\Policies\Explorer] - “NoDriveTypeAutoRun”=323
O56 - MWPE:[HKLM…\Policies\Explorer] - “NoDrives”=0

—\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.46EDCC8F2DB2F322C24F48785CB46366] - 04/08/2004 - 00:00:58 —A- C:\WINDOWS\system32\drivers\mrxdav.sys
O58 - SDL:[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - 04/08/2004 - 00:15:18 —A- C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:[MD5.561B3A4333CA2DBDBA28B5B956822519] - 04/08/2004 - 00:00:42 —A- C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:[MD5.C0F1D4A21DE5A415DF8170616703DEBF] - 04/08/2004 - 00:04:14 —A- C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:[MD5.AE431A8DD3C1D0D0610CDBAC16057AD0] - 03/08/2004 - 22:58:42 —A- C:\WINDOWS\system32\drivers\MSKSSRV.sys
O58 - SDL:[MD5.13E75FEF9DFEB08EEDED9D0246E1F448] - 03/08/2004 - 22:58:40 —A- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O58 - SDL:[MD5.1988A33FF19242576C3D0EF9CE785DA7] - 03/08/2004 - 22:58:42 —A- C:\WINDOWS\system32\drivers\MSPQM.sys
O58 - SDL:[MD5.469541F8BFD2B32659D5D463A6714BCE] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\mssmbios.sys
O58 - SDL:[MD5.82035E0F41C2DD05AE41D27FE6CF7DE1] - 04/08/2004 - 00:15:22 —A- C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:[MD5.558635D3AF1C7546D26067D5D9B6959E] - 04/08/2004 - 00:14:30 —A- C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:[MD5.08D43BBDACDF23F34D79E44ED35C1B4C] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:[MD5.34D6CD56409DA9A7ED573E1C90A308BF] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:[MD5.0B90E255A9490166AB368CD55A529893] - 04/08/2004 - 00:14:32 —A- C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:[MD5.59FC3FB44D2669BC144FD87826BB571F] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:[MD5.3A2ACA8FC1D7786902CA434998D7CEB4] - 04/08/2004 - 00:03:22 —A- C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:[MD5.0C80E410CD2F47134407EE7DD19CC86B] - 04/08/2004 - 00:14:38 —A- C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:[MD5.5C5C53DB4FEF16CF87B9911C7E8C6FBC] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:[MD5.60CF8C7192B3614F240838DDBAA4A245] - 03/08/2004 - 23:59:52 —A- C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:[MD5.4F601BCB8F64EA3AC0994F98FED03F8E] - 04/08/2004 - 00:00:44 —A- C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:[MD5.B78BE402C3F63DD55521F73876951CDD] - 04/08/2004 - 00:15:10 —A- C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:[MD5.73C1E1F395918BC2C6DD67AF7591A3AD] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:[MD5.B305F3FAD35083837EF46A0BBCE2FC57] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:[MD5.C99B3415198D1AAB7227F2C88FD664B9] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:[MD5.79EA3FCDA7067977625B3363A2657C80] - 04/08/2004 - 00:03:36 —A- C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:[MD5.56D34A67C05E94E16377C60609741FF8] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:[MD5.C0BB7D1615E1ACBDC99757F6CEAF8CF0] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:[MD5.03373A79440473062C6F3AEDEC6A49C8] - 04/08/2004 - 00:02:24 —A- C:\WINDOWS\system32\drivers\nwrdr.sys
O58 - SDL:[MD5.4BB30DDC53EBC76895E38694580CDFE9] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:[MD5.136E0CEA9BD1C42066692DECFA5C6418] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:[MD5.318696359AC7DF48D1E51974EC527DD2] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:[MD5.3334430C29DC338092F79C38EF7B4CD0] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:[MD5.9575C5630DB8FB804649A6959737154C] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:[MD5.7C5DA5C1ED801AD8B0309D5514F0B75E] - 04/08/2004 - 01:37:06 —A- C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:[MD5.520B91AB011456B940D9B05FC91108FF] - 03/08/2004 - 23:59:42 —A- C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:[MD5.641DA274E163617EA7A33506BC6DA8E3] - 04/08/2004 - 01:37:12 —A- C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:[MD5.5B0F00E43A7094C0B7E433CB42C79164] - 03/08/2004 - 23:15:50 —A- C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:[MD5.F480712B761E538BC8E44EDE60F3A3C3] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:[MD5.48671F327553DCF1D27F6197F622A668] - 04/08/2004 - 00:04:20 —A- C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.FE0D99D6F31E4FAD8159F690D68DED9C] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - 04/08/2004 - 00:14:24 —A- C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:[MD5.7306EEED8895454CBED4669BE9F79FAA] - 04/08/2004 - 00:05:08 —A- C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:[MD5.1C5CC65AAC0783C344F16353E60B72AC] - 04/08/2004 - 00:14:28 —A- C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:[MD5.FDBB1D60066FCFBB7452FD8F9829B242] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:[MD5.01524CD237223B18ADBB48F70083F101] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:[MD5.29D66245ADBA878FFF574CD66ABD2884] - 04/08/2004 - 00:20:08 —A- C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:[MD5.4912D5B403614CE99C28420F75353332] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - 03/08/2004 - 23:01:16 —A- C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:[MD5.D4F5643D7714EF499AE9527FDCD50894] - 04/08/2004 - 01:55:14 —A- C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - 04/08/2004 - 01:39:44 —A- C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:[MD5.35E81B908AE4E97FC7BDF4607C516FF4] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\RMCast.sys
O58 - SDL:[MD5.7CE8B277F3207EA82D7D22AD348BEFC6] - 04/08/2004 - 00:04:32 —A- C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:[MD5.D8B0B4ADE32574B2D9C5CC34DC0DBBE7] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:[MD5.D7FD0FF761E28AC0EA35AD71E0CD67E9] - 03/08/2004 - 23:59:42 —A- C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:[MD5.02FC71B020EC8700EE8A46C58BC6F276] - 04/08/2004 - 00:07:48 —A- C:\WINDOWS\system32\drivers\sdbus.sys
O58 - SDL:[MD5.D26E26EA516450AF9D072635C60387F4] - 17/07/2004 - 12:36:38 —A- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.A2D868AEEFF612E70E213C451A70CAFB] - 03/08/2004 - 23:59:08 —A- C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:[MD5.653201755CA96AB4AAA4131DAF6DA356] - 04/08/2004 - 01:41:26 —A- C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:[MD5.1D9F1BEC651815741F088A8FB88E17EE] - 03/08/2004 - 23:59:56 —A- C:\WINDOWS\system32\drivers\sffdisk.sys
O58 - SDL:[MD5.586499FD312FFD7F78553F408E71682E] - 03/08/2004 - 23:59:56 —A- C:\WINDOWS\system32\drivers\sffp_sd.sys
O58 - SDL:[MD5.0D13B6DF6E9E101013A7AFB0CE629FE0] - 03/08/2004 - 23:59:56 —A- C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:[MD5.017DAECF0ED3AA731313433601EC40FA] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:[MD5.ADDC9E4757A68AB60562AD3CB9C288D6] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:[MD5.8E186B8F23295D1E42C573B82B80D548] - 03/08/2004 - 23:07:48 —A- C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:[MD5.B52181023B827ACDA36C1B76751EBFFD] - 04/08/2004 - 01:49:46 —A- C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:[MD5.20B7E396720353E4117D64D9DCB926CA] - 04/08/2004 - 00:14:46 —A- C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:[MD5.C43356072EB3E88CD62958DB10CEAD47] - 03/08/2004 - 23:08:04 —A- C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:[MD5.03C1BAE4766E2450219D20B993D6E046] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:[MD5.94ABC808FC4B6D7D2BBF42B85E25BB4D] - 17/08/2001 - 22:00:52 —A- C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:[MD5.650AD082D46BAC0E64C9C0E0928492FD] - 03/08/2004 - 23:15:56 —A- C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:[MD5.A2A9CA0D1A9AC1FF54220AA0789FE5CF] - 04/08/2004 - 00:00:00 —A- C:\WINDOWS\system32\drivers\tape.sys
O58 - SDL:[MD5.27A5959C94EE173A063CA06BD14F021A] - 18/08/2004 - 10:22:25 —A- C:\WINDOWS\system32\drivers\tcpip.sys
O58 - SDL:[MD5.4D58BB1AE8841AAFD8790AD7E1E3B8EA] - 04/08/2004 - 00:07:46 —A- C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:[MD5.6891B74AB9A016064E82A419388D0601] - 04/08/2004 - 00:07:50 —A- C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:[MD5.38D437CF2D98965F239B0ABCD66DCB0F] - 04/08/2004 - 01:55:12 —A- C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:[MD5.ED0580AF02502D00AD8C4C066B156BE9] - 04/08/2004 - 01:55:14 —A- C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:[MD5.A540A99C281D933F3D69D55E48727F47] - 04/08/2004 - 00:55:12 —A- C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:[MD5.699450901C5CCFD82357CBC531CEDD23] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.87A0E9E18C10A9E454238E3330E2A26D] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:[MD5.12F70256F140CD7D52C58C7048FDE657] - 04/08/2004 - 00:00:32 —A- C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:[MD5.AFF2E5045961BBC0A602BB6F95EB1345] - 03/08/2004 - 23:58:34 —A- C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:[MD5.AF090265EC388BAB320F1FF7E7A7D5EA] - 04/08/2004 - 00:04:34 —A- C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:[MD5.2654EECC6FB13603EBDDCD5C8EA943D1] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:[MD5.61018BA9DF6B63E51D9753C980E73EC2] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:[MD5.596EB39B50D6EBD9B734DC4AE0544693] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:[MD5.15E993BA2F6946B2BFBBFCD30398621E] - 04/08/2004 - 00:08:38 —A- C:\WINDOWS\system32\drivers\usbehci.sys
O58 - SDL:[MD5.C72F40947F92CEA56A8FB532EDF025F1] - 04/08/2004 - 00:08:44 —A- C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:[MD5.2853FD4C4489E0F8BFCF78EFCDB7E998] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:[MD5.2034CA78F9C6E787B4B76D81AC888351] - 04/08/2004 - 00:08:44 —A- C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:[MD5.6CD7B22193718F1D17A47A1CD6D37E75] - 03/08/2004 - 23:08:48 —A- C:\WINDOWS\system32\drivers\USBSTOR.SYS
O58 - SDL:[MD5.F8FD1400092E23C8F2F31406EF06167B] - 04/08/2004 - 00:08:38 —A- C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.8A60EDD72B4EA5AEA8202DAF0E427925] - 04/08/2004 - 00:07:08 —A- C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:[MD5.59CB1338AD3654417BEA49636457F65D] - 03/08/2004 - 23:59:44 —A- C:\WINDOWS\system32\drivers\viaide.sys
O58 - SDL:[MD5.D5A9D123F5ED7C9965A481BD20CF66D8] - 04/08/2004 - 00:07:06 —A- C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - 04/08/2004 - 01:44:16 —A- C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:[MD5.984EF0B9788ABF89974CFED4BFBAACBC] - 04/08/2004 - 00:04:58 —A- C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:[MD5.2797F33EBF50466020C430EE4F037933] - 03/08/2004 - 23:15:06 —A- C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:[MD5.79C47EA75DBEA178A7C87B080E093E81] - 22/12/2005 - 14:45:18 —A- C:\WINDOWS\system32\drivers\WlanBZ64.SYS
O58 - SDL:[MD5.478B4415DFB3A45B6FE61EC781E07D7B] - 22/12/2005 - 14:45:18 —A- C:\WINDOWS\system32\drivers\WlanBZXP.sys
O58 - SDL:[MD5.C383926D4BA41AFBCA592B2AD1FE4109] - 17/06/2005 - 10:27:00 —A- C:\WINDOWS\system32\drivers\WlanUIG.sys
O58 - SDL:[MD5.ED45A2CC094D9476CC1DA9EACBCF0D57] - 09/01/2006 - 11:26:22 —A- C:\WINDOWS\system32\drivers\WlanUZXP.sys
O58 - SDL:[MD5.2F31B7F954BED437F2C75026C65CAF7B] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:[MD5.6ABE6E225ADB5A751622A9CC3BC19CE8] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ws2ifsl.sys
O58 - SDL:[MD5.E11183B2F02AE38915982D10D717C6C6] - 09/01/2006 - 11:26:24 —A- C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 23:46:56 —A- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 23:45:26 —A- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 23:45:16 —A- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 23:45:12 —A- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 23:45:16 —A- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 23:45:14 —A- C:\WINDOWS\system32\ntio804.sys
O58 - SDL:[MD5.C9BF2F12C4E6C12F8A85FBA4B6BC6208] - 04/08/2004 - 00:07:34 —A- C:\WINDOWS\system32\watchdog.sys
O58 - SDL:[MD5.6B8D8840CC7D6C822FD159613D61EBA3] - 04/08/2004 - 01:45:58 —A- C:\WINDOWS\system32\win32k.sys

—\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: ZHPDiag 1.24
O63 - Logiciel: FindyKill
O63 - Logiciel: RSIT

—\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - AFD (AFD) - LEGACY_AFD
O64 - Services: CurCS - Service de la passerelle de la couche Application (ALG) - LEGACY_ALG
O64 - Services: CurCS - Audio Windows (AudioSrv) - LEGACY_AUDIOSRV
O64 - Services: CurCS - No object (No service) - LEGACY_AVGIO
O64 - Services: CurCS - No object (No service) - LEGACY_AVIPBB
O64 - Services: CurCS - Beep (Beep) - LEGACY_BEEP
O64 - Services: CurCS - Service de transfert intelligent en arrière-plan (BITS) - LEGACY_BITS
O64 - Services: CurCS - Explorateur d’ordinateur (Browser) - LEGACY_BROWSER
O64 - Services: CurCS - catchme (catchme) - LEGACY_CATCHME
O64 - Services: CurCS - cdfs (cdfs) - LEGACY_CDFS
O64 - Services: CurCS - Application système COM+ (COMSysApp) - LEGACY_COMSYSAPP
O64 - Services: CurCS - Services de cryptographie (CryptSvc) - LEGACY_CRYPTSVC
O64 - Services: CurCS - Lanceur de processus serveur DCOM (DcomLaunch) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - Client DHCP (Dhcp) - LEGACY_DHCP
O64 - Services: CurCS - dmboot (dmboot) - LEGACY_DMBOOT
O64 - Services: CurCS - dmload (dmload) - LEGACY_DMLOAD
O64 - Services: CurCS - Gestionnaire de disque logique (dmserver) - LEGACY_DMSERVER
O64 - Services: CurCS - Client DNS (Dnscache) - LEGACY_DNSCACHE
O64 - Services: CurCS - Service de rapport d’erreurs (ERSvc) - LEGACY_ERSVC
O64 - Services: CurCS - Système d’événements de COM+ (EventSystem) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - fastfat (fastfat) - LEGACY_FASTFAT
O64 - Services: CurCS - fastfat (fastfat) - LEGACY_FASTFAT
O64 - Services: CurCS - Fips (Fips) - LEGACY_FIPS
O64 - Services: CurCS - FltMgr (FltMgr) - LEGACY_FLTMGR
O64 - Services: CurCS - Fs_Rec (Fs_Rec) - LEGACY_FS_REC
O64 - Services: CurCS - Classificateur de paquets générique (Gpc) - LEGACY_GPC
O64 - Services: CurCS - Aide et support (helpsvc) - LEGACY_HELPSVC
O64 - Services: CurCS - HTTP (HTTP) - LEGACY_HTTP
O64 - Services: CurCS - Service COM de gravage de CD IMAPI (ImapiService) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - Pilote du pare-feu Windows IPv6 (Ip6Fw) - LEGACY_IP6FW
O64 - Services: CurCS - Traducteur d’adresses réseau IP (IpNat) - LEGACY_IPNAT
O64 - Services: CurCS - Pilote IPSEC (IPSec) - LEGACY_IPSEC
O64 - Services: CurCS - ksecdd (ksecdd) - LEGACY_KSECDD
O64 - Services: CurCS - Serveur (lanmanserver) - LEGACY_LANMANSERVER
O64 - Services: CurCS - Station de travail (LanmanWorkstation) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - Assistance TCP/IP NetBIOS (LmHosts) - LEGACY_LMHOSTS
O64 - Services: CurCS - mbr (mbr) - LEGACY_MBR
O64 - Services: CurCS - mnmdd (mnmdd) - LEGACY_MNMDD
O64 - Services: CurCS - mountmgr (mountmgr) - LEGACY_MOUNTMGR
O64 - Services: CurCS - Redirecteur client WebDav (MRxDAV) - LEGACY_MRXDAV
O64 - Services: CurCS - MRXSMB (MRxSmb) - LEGACY_MRXSMB
O64 - Services: CurCS - Distributed Transaction Coordinator (MSDTC) - LEGACY_MSDTC
O64 - Services: CurCS - Msfs (Msfs) - LEGACY_MSFS
O64 - Services: CurCS - Windows Installer (MSIServer) - LEGACY_MSISERVER
O64 - Services: CurCS - Mup (Mup) - LEGACY_MUP
O64 - Services: CurCS - Pilote système NDIS (NDIS) - LEGACY_NDIS
O64 - Services: CurCS - Pilote TAPI NDIS d’accès distant (NdisTapi) - LEGACY_NDISTAPI
O64 - Services: CurCS - NDIS mode utilisateur E/S Protocole (Ndisuio) - LEGACY_NDISUIO
O64 - Services: CurCS - NDProxy (NDProxy) - LEGACY_NDPROXY
O64 - Services: CurCS - Interface NetBIOS (NetBIOS) - LEGACY_NETBIOS
O64 - Services: CurCS - NetBIOS sur TCP/IP (NetBT) - LEGACY_NETBT
O64 - Services: CurCS - Connexions réseau (Netman) - LEGACY_NETMAN
O64 - Services: CurCS - NLA (Network Location Awareness) (Nla) - LEGACY_NLA
O64 - Services: CurCS - Npfs (Npfs) - LEGACY_NPFS
O64 - Services: CurCS - ntfs (ntfs) - LEGACY_NTFS
O64 - Services: CurCS - Null (Null) - LEGACY_NULL
O64 - Services: CurCS - PartMgr (PartMgr) - LEGACY_PARTMGR
O64 - Services: CurCS - ParVdm (ParVdm) - LEGACY_PARVDM
O64 - Services: CurCS - Services IPSEC (PolicyAgent) - LEGACY_POLICYAGENT
O64 - Services: CurCS - PROCEXP113 (PROCEXP113) - LEGACY_PROCEXP113
O64 - Services: CurCS - Emplacement protégé (ProtectedStorage) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - Pilote de connexion automatique d’accès distant (RasAcd) - LEGACY_RASACD
O64 - Services: CurCS - Rdbss (Rdbss) - LEGACY_RDBSS
O64 - Services: CurCS - RDPCDD (RDPCDD) - LEGACY_RDPCDD
O64 - Services: CurCS - RDPNP (RDPNP) - LEGACY_RDPNP
O64 - Services: CurCS - Accès à distance au Registre (RemoteRegistry) - LEGACY_REMOTEREGISTRY
O64 - Services: CurCS - Appel de procédure distante (RPC) (RpcSs) - LEGACY_RPCSS
O64 - Services: CurCS - Gestionnaire de comptes de sécurité (SamSs) - LEGACY_SAMSS
O64 - Services: CurCS - Planificateur de tâches (Schedule) - LEGACY_SCHEDULE
O64 - Services: CurCS - Connexion secondaire (seclogon) - LEGACY_SECLOGON
O64 - Services: CurCS - Notification d’événement système (SENS) - LEGACY_SENS
O64 - Services: CurCS - Serial (Serial) - LEGACY_SERIAL
O64 - Services: CurCS - Pare-feu Windows / Partage de connexion Internet (SharedAccess) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - Détection matériel noyau (ShellHWDetection) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - Spouleur d’impression (Spooler) - LEGACY_SPOOLER
O64 - Services: CurCS - Pilote de filtre de restauration système (sr) - LEGACY_SR
O64 - Services: CurCS - Service de restauration système (srservice) - LEGACY_SRSERVICE
O64 - Services: CurCS - Srv (Srv) - LEGACY_SRV
O64 - Services: CurCS - Service de découvertes SSDP (SSDPSRV) - LEGACY_SSDPSRV
O64 - Services: CurCS - No object (No service) - LEGACY_SSMDRV
O64 - Services: CurCS - Acquisition d’image Windows (WIA) (stisvc) - LEGACY_STISVC
O64 - Services: CurCS - Téléphonie (TapiSrv) - LEGACY_TAPISRV
O64 - Services: CurCS - Pilote du protocole TCP/IP (Tcpip) - LEGACY_TCPIP
O64 - Services: CurCS - Services Terminal Server (TermService) - LEGACY_TERMSERVICE
O64 - Services: CurCS - Thèmes (Themes) - LEGACY_THEMES
O64 - Services: CurCS - Client de suivi de lien distribué (TrkWks) - LEGACY_TRKWKS
O64 - Services: CurCS - Udfs (Udfs) - LEGACY_UDFS
O64 - Services: CurCS - vga (vga) - LEGACY_VGA
O64 - Services: CurCS - VgaSave (VgaSave) - LEGACY_VGASAVE
O64 - Services: CurCS - VolSnap (VolSnap) - LEGACY_VOLSNAP
O64 - Services: CurCS - Horloge Windows (W32Time) - LEGACY_W32TIME
O64 - Services: CurCS - Pilote ARP IP d’accès distant (Wanarp) - LEGACY_WANARP
O64 - Services: CurCS - WebClient (WebClient) - LEGACY_WEBCLIENT
O64 - Services: CurCS - Infrastructure de gestion Windows (winmgmt) - LEGACY_WINMGMT
O64 - Services: CurCS - Carte de performance WMI (WmiApSrv) - LEGACY_WMIAPSRV
O64 - Services: CurCS - Centre de sécurité (wscsvc) - LEGACY_WSCSVC
O64 - Services: CurCS - Mises à jour automatiques (wuauserv) - LEGACY_WUAUSERV
O64 - Services: CurCS - Configuration automatique sans fil (WZCSVC) - LEGACY_WZCSVC

End of the scan: 698 lines

Hi

Do this

1) Update Explorer

==> Explorer

2) Check your high-priority Windows updates

Click Start ==> All Programs ==> Windows Update

3) Download JavaRa.Zip by Paul McLain & Fred de Vries to the desktop

==> JavaRa

Right-click the downloaded file and choose Extract All (it is a compressed file).
To run the utility, double-click JavaRa.exe

Choose your preferred language, tick Remember my selection, then click Select

Click ==> Search For Updates

then

4) Download this utility ==> FileHippo

==> FileHippo

Install it; after the scan it will tell you which of your programs are not up to date and where to go to update them

Install them, except for the "Beta" versions

Download GenProc to your desktop

==> GenProc

Unzip the folder, double-click GenProc.bat

Answer "yes" in the window that appears

Post the contents of the report that opens

Re,

Well, I tried to update Internet Explorer as you told me, but when the software was extracted, it was impossible to install it!
So here is the error report I found in C:\Windows

00:00.000: ====================================================================
00:00.141: Started: 2010/01/18 (Y/M/D) 20:13:11.156 (local)
00:00.172: Time Format in this log: MM:ss.mmm (minutes:seconds.milliseconds)
00:00.188: Command line: c:\b3631d1b244f6bc2d5c1b686\update\iesetup.exe
00:00.203: INFO: Checking version for c:\b3631d1b244f6bc2d5c1b686\update\iesetup.exe: 8.0.6001.18702
00:00.485: INFO: Acquired Package Installer Mutex
00:00.500: INFO: Operating System: Windows Workstation: 5.1.2600 (Service Pack 2)
00:00.891: ERROR: Couldn’t read value: ‘LIPPackage’ from [Version] section in update.inf
00:00.985: INFO: Checking Prerequisites
00:01.000: INFO: Prerequisites Satisfied: Yes
00:04.688: ERROR: Unable to load MSFTEDIT.DLL.
00:04.750: ERROR: Message to User: The Setup application could not be initialized
00:14.500: ERROR: Setup exit code: 0x00000002 (Unable to initialize the application).

So I'm going to carry on with the procedure you gave me anyway.

See you

Well, this time I think it really is the end! :'(

So I had launched Windows Update, then downloaded the updates, and naturally I had to restart my PC to finish the updates, except that, as I already said, my PC no longer restarts on its own, so I had to press the power button to shut it down. Then when I turned the PC back on, there was the usual black desktop background (I'm starting to get used to it), but no more desktop icons! And suddenly an error message, this time not for WLM but saying that Explorer.exe had a problem and has to close …
And after that no Start menu, nothing! "My Documents", "My Computer" … no longer work! I can only use Google Chrome!
I had done the GenProc report (which flagged lots of errors), but now, since I can't use anything any more, I can't do the GenProc report! Except maybe in Safe Mode.

Help me here, I really don't know what to do any more. I could reinstall Windows, but it pisses me off to lose my files, and on top of that I'd have to re-download all my programs! -_-'

Hi

Borrow a Windows XP CD, or buy one with a licence. You need to repair without formatting and you won't lose your data.

OK, I finally found an alternative that works!!
I put in the Windows CD and installed a 2nd Windows partition without erasing the 1st one (so as not to lose my files!)
So now everything works, I'm downloading AVG antivirus …
Should I delete the 1st Windows folder I had, as well as the programs I have in Program Files, since I can no longer use them with the new Windows partition???

It does work, though, but I wonder whether I still have a virus or not!???