Re,
Thanks again a thousand times for your help.
So here is the ZHPDiag report:
Rapport de ZHPDiag v1.24.45 par Nicolas Coolman
Run by Administrateur at 18/01/2010 17:06:36
Web site : www.premiumorange.com…
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
MSIE: Internet Explorer v6.0.2900.2180
Boot mode: Normal (Normal boot)
Total RAM: 191 MB (26% free)
System drive C: has 4 GB (10%) free of 37 GB
—\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 37 Go)
D:\ CD-ROM drive (Not Inserted)
—\ Processus lancés
[MD5.1BD6C2F707A275CB7C16FD99FE0F31CA] - C:\WINDOWS\System32\svchost.exe
[MD5.732E0B1ABAACE15D80EC19056B0A2AF9] - C:\WINDOWS\system32\services.exe
[MD5.9F3744A5C6F49291A7A685040A013399] - C:\WINDOWS\system32\lsass.exe
[MD5.B4EF928E4FAD79364A80ACBA6D999934] - C:\WINDOWS\system32\spoolsv.exe
—\ Pages de démarrage d’Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.microsoft.com…
—\ Pages de recherche d’Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ie.search.msn.com…
—\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - %SystemRoot%\system32\shdocvw.dll
—\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (not file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (not file)
—\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
—\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM…\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKLM…\policies\Explorer: [NoDrives] Data=0
O4 - HKCU…\policies\Explorer: [NoDriveTypeAutoRun] Data=323
O4 - HKCU…\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKCU…\policies\Explorer: [NoDrives] Data=0
—\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
—\ Piratage de l’Option ‘Rétablir les paramètres Web’ (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com…
—\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
—\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Spouleur d’impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
—\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1078145449-725345543-500Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1078145449-725345543-500UA.job
—\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Outlook Express\setup50.exe” /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Outils d’installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Carnet d’adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - “%ProgramFiles%\Outlook Express\setup50.exe” /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx
O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
—\ Pilotes lancés au démarrage (O41)
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Pilote de connexion automatique d’accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
—\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: CCleaner
O42 - Logiciel: Guitar Pro 5.0
O42 - Logiciel: MSVCRT
O42 - Logiciel: Malwarebytes’ Anti-Malware
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: Realtek AC’97 Audio
O42 - Logiciel: Revo Uninstaller 1.85
O42 - Logiciel: SAGEM Wi-Fi 11g USB adapter (pilote)
O42 - Logiciel: Sagem Wi-Fi 11g USB adapter (driver)
O42 - Logiciel: Segoe UI
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: VLC media player 1.0.1
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: eMule
—\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 5
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes’ Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\movie maker
O43 - CFD:Common File Directory ----D- C:\Program Files\msn gaming zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek AC97
O43 - CFD:Common File Directory ----D- C:\Program Files\Securitoo
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 18/01/2010 - 16:54:57 —A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/01/2010 - 16:51:52 —A- C:\WINDOWS\0.log
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 18/01/2010 - 16:51:41 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:[MD5.CB051D06106ADC9F5C15DAE2A21EA927] - 16/01/2010 - 20:01:41 —A- C:\ComboFix.txt
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 16/01/2010 - 19:51:16 —A- C:\WINDOWS\system.ini
O44 - LFC:[MD5.B628952F330F85E5862A4D92BA0F9512] - 16/01/2010 - 19:42:18 RSHA- C:\boot.ini
O44 - LFC:[MD5.B7B344A383243B32862FE90C66568265] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:[MD5.683349A08822D0357C979F906C1D4216] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:[MD5.33711E10954ADF2099296BE96B1D2DA8] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:[MD5.48341D625040FCD27388F4A92EBAD4C4] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:[MD5.36844B51E2D5EF74FF9F42475FA763D2] - 16/01/2010 - 13:10:58 —A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:[MD5.D833C1B233595F55098F9264E2D69E20] - 12/01/2010 - 09:13:54 —A- C:\WINDOWS\System32\d3d9caps.dat
O44 - LFC:[MD5.73B18BEAD24FD93FD0A2A4D11BF6FCCB] - 12/01/2010 - 08:25:01 —A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 —A- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 —A- C:\WINDOWS\System32\drivers\mbam.sys
O44 - LFC:[MD5.3862A8602F0B99E8E3475EFD3A6DAE21] - 04/01/2010 - 02:51:28 —A- C:\WINDOWS\System32\deploytk.dll
—\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
—\ Export de clé d’application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - “%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - “C:\Program Files\eMule\emule.exe”="C:\Program Files\eMule\emule.exe::Enabled:eMule"
O47 - AAKE:Key Export DP - “%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
—\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll
—\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM…\CS3\Network\vgasave.sys
—\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
—\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM…\Drivers"timer"=“timer.drv”
O52 - TDSD:HKLM…\Drivers32"midimapper"=“midimap.dll”
O52 - TDSD:HKLM…\Drivers32"msacm.imaadpcm"=“imaadp32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.msadpcm"=“msadp32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.msg711"=“msg711.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.msgsm610"=“msgsm32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.trspch"=“tssoft32.acm”
O52 - TDSD:HKLM…\Drivers32"vidc.cvid"=“iccvid.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.I420"=“msh263.drv”
O52 - TDSD:HKLM…\Drivers32"vidc.iv31"=“ir32_32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.iv32"=“ir32_32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.iv41"=“ir41_32.ax”
O52 - TDSD:HKLM…\Drivers32"vidc.iyuv"=“iyuv_32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.mrle"=“msrle32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.msvc"=“msvidc32.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.uyvy"=“msyuv.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.yuy2"=“msyuv.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.yvu9"=“tsbyuv.dll”
O52 - TDSD:HKLM…\Drivers32"vidc.yvyu"=“msyuv.dll”
O52 - TDSD:HKLM…\Drivers32"wavemapper"=“msacm32.drv”
O52 - TDSD:HKLM…\Drivers32"msacm.msg723"=“msg723.acm”
O52 - TDSD:HKLM…\Drivers32"vidc.M263"=“msh263.drv”
O52 - TDSD:HKLM…\Drivers32"vidc.M261"=“msh261.drv”
O52 - TDSD:HKLM…\Drivers32"msacm.msaudio1"=“msaud32.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.sl_anet"=“sl_anet.acm”
O52 - TDSD:HKLM…\Drivers32"msacm.iac2"=“C:\WINDOWS\system32\iac25_32.ax”
O52 - TDSD:HKLM…\Drivers32"vidc.iv50"=“ir50_32.dll”
O52 - TDSD:HKLM…\Drivers32"msacm.l3acm"=“C:\WINDOWS\system32\l3codeca.acm”
O52 - TDSD:HKLM…\Drivers32"wave"=“wdmaud.drv”
O52 - TDSD:HKLM…\Drivers32"midi"=“wdmaud.drv”
O52 - TDSD:HKLM…\Drivers32"mixer"=“wdmaud.drv”
O52 - TDSD:HKLM…\Drivers32"msacm.siren"=“sirenacm.dll”
O52 - TDSD:HKLM…\drivers.desc"msaud32.acm"=“Windows Media Audio Codec”
O52 - TDSD:HKLM…\drivers.desc"sl_anet.acm"=“Sipro Lab Telecom Audio Codec”
O52 - TDSD:HKLM…\drivers.desc"C:\WINDOWS\system32\iac25_32.ax"=“Indeo® audio software”
O52 - TDSD:HKLM…\drivers.desc"ir50_32.dll"=“Indeo® video 5.10”
O52 - TDSD:HKLM…\drivers.desc"C:\WINDOWS\system32\l3codeca.acm"=“Fraunhofer IIS MPEG Layer-3 Codec”
O52 - TDSD:HKLM…\drivers.desc"wdmaud.drv"=“Realtek AC’97 Audio”
O52 - TDSD:HKLM…\drivers.desc"sirenacm.dll"=“Messenger Audio Codec”
—\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM…\CurrentControlSet\Control] - “SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM…\ControlSet001\Control] - “SecurityProviders”=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
—\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM…\Policies\System] - “dontdisplaylastusername”=0
O55 - MWPS:[HKLM…\Policies\System] - “legalnoticecaption”=
O55 - MWPS:[HKLM…\Policies\System] - “legalnoticetext”=
O55 - MWPS:[HKLM…\Policies\System] - “shutdownwithoutlogon”=1
O55 - MWPS:[HKLM…\Policies\System] - “undockwithoutlogon”=1
O55 - MWPS:[HKLM…\Policies\System] - “DisableRegistryTools”=0
—\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU…\Policies\Explorer] - “NoDriveTypeAutoRun”=323
O56 - MWPE:[HKCU…\Policies\Explorer] - “NoDriveAutoRun”=67108863
O56 - MWPE:[HKCU…\Policies\Explorer] - “NoDrives”=0
O56 - MWPE:[HKLM…\Policies\Explorer] - “NoDriveAutoRun”=67108863
O56 - MWPE:[HKLM…\Policies\Explorer] - “NoDriveTypeAutoRun”=323
O56 - MWPE:[HKLM…\Policies\Explorer] - “NoDrives”=0
—\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - 04/08/2004 - 00:15:18 —A- C:\WINDOWS\system32\drivers\mrxsmb.sys
O58 - SDL:[MD5.561B3A4333CA2DBDBA28B5B956822519] - 04/08/2004 - 00:00:42 —A- C:\WINDOWS\system32\drivers\msfs.sys
O58 - SDL:[MD5.C0F1D4A21DE5A415DF8170616703DEBF] - 04/08/2004 - 00:04:14 —A- C:\WINDOWS\system32\drivers\msgpc.sys
O58 - SDL:[MD5.AE431A8DD3C1D0D0610CDBAC16057AD0] - 03/08/2004 - 22:58:42 —A- C:\WINDOWS\system32\drivers\MSKSSRV.sys
O58 - SDL:[MD5.13E75FEF9DFEB08EEDED9D0246E1F448] - 03/08/2004 - 22:58:40 —A- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O58 - SDL:[MD5.1988A33FF19242576C3D0EF9CE785DA7] - 03/08/2004 - 22:58:42 —A- C:\WINDOWS\system32\drivers\MSPQM.sys
O58 - SDL:[MD5.469541F8BFD2B32659D5D463A6714BCE] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\mssmbios.sys
O58 - SDL:[MD5.82035E0F41C2DD05AE41D27FE6CF7DE1] - 04/08/2004 - 00:15:22 —A- C:\WINDOWS\system32\drivers\mup.sys
O58 - SDL:[MD5.558635D3AF1C7546D26067D5D9B6959E] - 04/08/2004 - 00:14:30 —A- C:\WINDOWS\system32\drivers\ndis.sys
O58 - SDL:[MD5.08D43BBDACDF23F34D79E44ED35C1B4C] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ndistapi.sys
O58 - SDL:[MD5.34D6CD56409DA9A7ED573E1C90A308BF] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\ndisuio.sys
O58 - SDL:[MD5.0B90E255A9490166AB368CD55A529893] - 04/08/2004 - 00:14:32 —A- C:\WINDOWS\system32\drivers\ndiswan.sys
O58 - SDL:[MD5.59FC3FB44D2669BC144FD87826BB571F] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ndproxy.sys
O58 - SDL:[MD5.3A2ACA8FC1D7786902CA434998D7CEB4] - 04/08/2004 - 00:03:22 —A- C:\WINDOWS\system32\drivers\netbios.sys
O58 - SDL:[MD5.0C80E410CD2F47134407EE7DD19CC86B] - 04/08/2004 - 00:14:38 —A- C:\WINDOWS\system32\drivers\netbt.sys
O58 - SDL:[MD5.5C5C53DB4FEF16CF87B9911C7E8C6FBC] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\nic1394.sys
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:[MD5.60CF8C7192B3614F240838DDBAA4A245] - 03/08/2004 - 23:59:52 —A- C:\WINDOWS\system32\drivers\nmnt.sys
O58 - SDL:[MD5.4F601BCB8F64EA3AC0994F98FED03F8E] - 04/08/2004 - 00:00:44 —A- C:\WINDOWS\system32\drivers\npfs.sys
O58 - SDL:[MD5.B78BE402C3F63DD55521F73876951CDD] - 04/08/2004 - 00:15:10 —A- C:\WINDOWS\system32\drivers\ntfs.sys
O58 - SDL:[MD5.73C1E1F395918BC2C6DD67AF7591A3AD] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\null.sys
O58 - SDL:[MD5.B305F3FAD35083837EF46A0BBCE2FC57] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnkflt.sys
O58 - SDL:[MD5.C99B3415198D1AAB7227F2C88FD664B9] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
O58 - SDL:[MD5.79EA3FCDA7067977625B3363A2657C80] - 04/08/2004 - 00:03:36 —A- C:\WINDOWS\system32\drivers\nwlnkipx.sys
O58 - SDL:[MD5.56D34A67C05E94E16377C60609741FF8] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnknb.sys
O58 - SDL:[MD5.C0BB7D1615E1ACBDC99757F6CEAF8CF0] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\nwlnkspx.sys
O58 - SDL:[MD5.03373A79440473062C6F3AEDEC6A49C8] - 04/08/2004 - 00:02:24 —A- C:\WINDOWS\system32\drivers\nwrdr.sys
O58 - SDL:[MD5.4BB30DDC53EBC76895E38694580CDFE9] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\oprghdlr.sys
O58 - SDL:[MD5.136E0CEA9BD1C42066692DECFA5C6418] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\p3.sys
O58 - SDL:[MD5.318696359AC7DF48D1E51974EC527DD2] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\parport.sys
O58 - SDL:[MD5.3334430C29DC338092F79C38EF7B4CD0] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\partmgr.sys
O58 - SDL:[MD5.9575C5630DB8FB804649A6959737154C] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\parvdm.sys
O58 - SDL:[MD5.7C5DA5C1ED801AD8B0309D5514F0B75E] - 04/08/2004 - 01:37:06 —A- C:\WINDOWS\system32\drivers\pci.sys
O58 - SDL:[MD5.520B91AB011456B940D9B05FC91108FF] - 03/08/2004 - 23:59:42 —A- C:\WINDOWS\system32\drivers\pciidex.sys
O58 - SDL:[MD5.641DA274E163617EA7A33506BC6DA8E3] - 04/08/2004 - 01:37:12 —A- C:\WINDOWS\system32\drivers\pcmcia.sys
O58 - SDL:[MD5.5B0F00E43A7094C0B7E433CB42C79164] - 03/08/2004 - 23:15:50 —A- C:\WINDOWS\system32\drivers\portcls.sys
O58 - SDL:[MD5.F480712B761E538BC8E44EDE60F3A3C3] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\processr.sys
O58 - SDL:[MD5.48671F327553DCF1D27F6197F622A668] - 04/08/2004 - 00:04:20 —A- C:\WINDOWS\system32\drivers\psched.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.FE0D99D6F31E4FAD8159F690D68DED9C] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rasacd.sys
O58 - SDL:[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - 04/08/2004 - 00:14:24 —A- C:\WINDOWS\system32\drivers\rasl2tp.sys
O58 - SDL:[MD5.7306EEED8895454CBED4669BE9F79FAA] - 04/08/2004 - 00:05:08 —A- C:\WINDOWS\system32\drivers\raspppoe.sys
O58 - SDL:[MD5.1C5CC65AAC0783C344F16353E60B72AC] - 04/08/2004 - 00:14:28 —A- C:\WINDOWS\system32\drivers\raspptp.sys
O58 - SDL:[MD5.FDBB1D60066FCFBB7452FD8F9829B242] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\raspti.sys
O58 - SDL:[MD5.01524CD237223B18ADBB48F70083F101] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rawwan.sys
O58 - SDL:[MD5.29D66245ADBA878FFF574CD66ABD2884] - 04/08/2004 - 00:20:08 —A- C:\WINDOWS\system32\drivers\rdbss.sys
O58 - SDL:[MD5.4912D5B403614CE99C28420F75353332] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rdpcdd.sys
O58 - SDL:[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - 03/08/2004 - 23:01:16 —A- C:\WINDOWS\system32\drivers\rdpdr.sys
O58 - SDL:[MD5.D4F5643D7714EF499AE9527FDCD50894] - 04/08/2004 - 01:55:14 —A- C:\WINDOWS\system32\drivers\rdpwd.sys
O58 - SDL:[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - 04/08/2004 - 01:39:44 —A- C:\WINDOWS\system32\drivers\redbook.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:[MD5.35E81B908AE4E97FC7BDF4607C516FF4] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\RMCast.sys
O58 - SDL:[MD5.7CE8B277F3207EA82D7D22AD348BEFC6] - 04/08/2004 - 00:04:32 —A- C:\WINDOWS\system32\drivers\rndismp.sys
O58 - SDL:[MD5.D8B0B4ADE32574B2D9C5CC34DC0DBBE7] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\rootmdm.sys
O58 - SDL:[MD5.D7FD0FF761E28AC0EA35AD71E0CD67E9] - 03/08/2004 - 23:59:42 —A- C:\WINDOWS\system32\drivers\scsiport.sys
O58 - SDL:[MD5.02FC71B020EC8700EE8A46C58BC6F276] - 04/08/2004 - 00:07:48 —A- C:\WINDOWS\system32\drivers\sdbus.sys
O58 - SDL:[MD5.D26E26EA516450AF9D072635C60387F4] - 17/07/2004 - 12:36:38 —A- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.A2D868AEEFF612E70E213C451A70CAFB] - 03/08/2004 - 23:59:08 —A- C:\WINDOWS\system32\drivers\serenum.sys
O58 - SDL:[MD5.653201755CA96AB4AAA4131DAF6DA356] - 04/08/2004 - 01:41:26 —A- C:\WINDOWS\system32\drivers\serial.sys
O58 - SDL:[MD5.1D9F1BEC651815741F088A8FB88E17EE] - 03/08/2004 - 23:59:56 —A- C:\WINDOWS\system32\drivers\sffdisk.sys
O58 - SDL:[MD5.586499FD312FFD7F78553F408E71682E] - 03/08/2004 - 23:59:56 —A- C:\WINDOWS\system32\drivers\sffp_sd.sys
O58 - SDL:[MD5.0D13B6DF6E9E101013A7AFB0CE629FE0] - 03/08/2004 - 23:59:56 —A- C:\WINDOWS\system32\drivers\sfloppy.sys
O58 - SDL:[MD5.017DAECF0ED3AA731313433601EC40FA] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\smclib.sys
O58 - SDL:[MD5.ADDC9E4757A68AB60562AD3CB9C288D6] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\sonydcam.sys
O58 - SDL:[MD5.8E186B8F23295D1E42C573B82B80D548] - 03/08/2004 - 23:07:48 —A- C:\WINDOWS\system32\drivers\splitter.sys
O58 - SDL:[MD5.B52181023B827ACDA36C1B76751EBFFD] - 04/08/2004 - 01:49:46 —A- C:\WINDOWS\system32\drivers\sr.sys
O58 - SDL:[MD5.20B7E396720353E4117D64D9DCB926CA] - 04/08/2004 - 00:14:46 —A- C:\WINDOWS\system32\drivers\srv.sys
O58 - SDL:[MD5.C43356072EB3E88CD62958DB10CEAD47] - 03/08/2004 - 23:08:04 —A- C:\WINDOWS\system32\drivers\stream.sys
O58 - SDL:[MD5.03C1BAE4766E2450219D20B993D6E046] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\swenum.sys
O58 - SDL:[MD5.94ABC808FC4B6D7D2BBF42B85E25BB4D] - 17/08/2001 - 22:00:52 —A- C:\WINDOWS\system32\drivers\swmidi.sys
O58 - SDL:[MD5.650AD082D46BAC0E64C9C0E0928492FD] - 03/08/2004 - 23:15:56 —A- C:\WINDOWS\system32\drivers\sysaudio.sys
O58 - SDL:[MD5.A2A9CA0D1A9AC1FF54220AA0789FE5CF] - 04/08/2004 - 00:00:00 —A- C:\WINDOWS\system32\drivers\tape.sys
O58 - SDL:[MD5.27A5959C94EE173A063CA06BD14F021A] - 18/08/2004 - 10:22:25 —A- C:\WINDOWS\system32\drivers\tcpip.sys
O58 - SDL:[MD5.4D58BB1AE8841AAFD8790AD7E1E3B8EA] - 04/08/2004 - 00:07:46 —A- C:\WINDOWS\system32\drivers\tcpip6.sys
O58 - SDL:[MD5.6891B74AB9A016064E82A419388D0601] - 04/08/2004 - 00:07:50 —A- C:\WINDOWS\system32\drivers\tdi.sys
O58 - SDL:[MD5.38D437CF2D98965F239B0ABCD66DCB0F] - 04/08/2004 - 01:55:12 —A- C:\WINDOWS\system32\drivers\tdpipe.sys
O58 - SDL:[MD5.ED0580AF02502D00AD8C4C066B156BE9] - 04/08/2004 - 01:55:14 —A- C:\WINDOWS\system32\drivers\tdtcp.sys
O58 - SDL:[MD5.A540A99C281D933F3D69D55E48727F47] - 04/08/2004 - 00:55:12 —A- C:\WINDOWS\system32\drivers\termdd.sys
O58 - SDL:[MD5.699450901C5CCFD82357CBC531CEDD23] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\tosdvd.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.87A0E9E18C10A9E454238E3330E2A26D] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\tunmp.sys
O58 - SDL:[MD5.12F70256F140CD7D52C58C7048FDE657] - 04/08/2004 - 00:00:32 —A- C:\WINDOWS\system32\drivers\udfs.sys
O58 - SDL:[MD5.AFF2E5045961BBC0A602BB6F95EB1345] - 03/08/2004 - 23:58:34 —A- C:\WINDOWS\system32\drivers\update.sys
O58 - SDL:[MD5.AF090265EC388BAB320F1FF7E7A7D5EA] - 04/08/2004 - 00:04:34 —A- C:\WINDOWS\system32\drivers\usb8023.sys
O58 - SDL:[MD5.2654EECC6FB13603EBDDCD5C8EA943D1] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\usbcamd.sys
O58 - SDL:[MD5.61018BA9DF6B63E51D9753C980E73EC2] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\usbcamd2.sys
O58 - SDL:[MD5.596EB39B50D6EBD9B734DC4AE0544693] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\usbd.sys
O58 - SDL:[MD5.15E993BA2F6946B2BFBBFCD30398621E] - 04/08/2004 - 00:08:38 —A- C:\WINDOWS\system32\drivers\usbehci.sys
O58 - SDL:[MD5.C72F40947F92CEA56A8FB532EDF025F1] - 04/08/2004 - 00:08:44 —A- C:\WINDOWS\system32\drivers\usbhub.sys
O58 - SDL:[MD5.2853FD4C4489E0F8BFCF78EFCDB7E998] - 04/08/2004 - 02:05:42 —A- C:\WINDOWS\system32\drivers\usbintel.sys
O58 - SDL:[MD5.2034CA78F9C6E787B4B76D81AC888351] - 04/08/2004 - 00:08:44 —A- C:\WINDOWS\system32\drivers\usbport.sys
O58 - SDL:[MD5.6CD7B22193718F1D17A47A1CD6D37E75] - 03/08/2004 - 23:08:48 —A- C:\WINDOWS\system32\drivers\USBSTOR.SYS
O58 - SDL:[MD5.F8FD1400092E23C8F2F31406EF06167B] - 04/08/2004 - 00:08:38 —A- C:\WINDOWS\system32\drivers\usbuhci.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.8A60EDD72B4EA5AEA8202DAF0E427925] - 04/08/2004 - 00:07:08 —A- C:\WINDOWS\system32\drivers\vga.sys
O58 - SDL:[MD5.59CB1338AD3654417BEA49636457F65D] - 03/08/2004 - 23:59:44 —A- C:\WINDOWS\system32\drivers\viaide.sys
O58 - SDL:[MD5.D5A9D123F5ED7C9965A481BD20CF66D8] - 04/08/2004 - 00:07:06 —A- C:\WINDOWS\system32\drivers\videoprt.sys
O58 - SDL:[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - 04/08/2004 - 01:44:16 —A- C:\WINDOWS\system32\drivers\volsnap.sys
O58 - SDL:[MD5.984EF0B9788ABF89974CFED4BFBAACBC] - 04/08/2004 - 00:04:58 —A- C:\WINDOWS\system32\drivers\wanarp.sys
O58 - SDL:[MD5.2797F33EBF50466020C430EE4F037933] - 03/08/2004 - 23:15:06 —A- C:\WINDOWS\system32\drivers\wdmaud.sys
O58 - SDL:[MD5.79C47EA75DBEA178A7C87B080E093E81] - 22/12/2005 - 14:45:18 —A- C:\WINDOWS\system32\drivers\WlanBZ64.SYS
O58 - SDL:[MD5.478B4415DFB3A45B6FE61EC781E07D7B] - 22/12/2005 - 14:45:18 —A- C:\WINDOWS\system32\drivers\WlanBZXP.sys
O58 - SDL:[MD5.C383926D4BA41AFBCA592B2AD1FE4109] - 17/06/2005 - 10:27:00 —A- C:\WINDOWS\system32\drivers\WlanUIG.sys
O58 - SDL:[MD5.ED45A2CC094D9476CC1DA9EACBCF0D57] - 09/01/2006 - 11:26:22 —A- C:\WINDOWS\system32\drivers\WlanUZXP.sys
O58 - SDL:[MD5.2F31B7F954BED437F2C75026C65CAF7B] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\wmilib.sys
O58 - SDL:[MD5.6ABE6E225ADB5A751622A9CC3BC19CE8] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\drivers\ws2ifsl.sys
O58 - SDL:[MD5.E11183B2F02AE38915982D10D717C6C6] - 09/01/2006 - 11:26:24 —A- C:\WINDOWS\system32\drivers\ZDPSp50a64.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 23:46:56 —A- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 24/08/2001 - 15:00:00 —A- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 23:45:26 —A- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 23:45:16 —A- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 23:45:12 —A- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 23:45:16 —A- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 23:45:14 —A- C:\WINDOWS\system32\ntio804.sys
O58 - SDL:[MD5.C9BF2F12C4E6C12F8A85FBA4B6BC6208] - 04/08/2004 - 00:07:34 —A- C:\WINDOWS\system32\watchdog.sys
O58 - SDL:[MD5.6B8D8840CC7D6C822FD159613D61EBA3] - 04/08/2004 - 01:45:58 —A- C:\WINDOWS\system32\win32k.sys
—\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2
O63 - Logiciel: ZHPDiag 1.24
O63 - Logiciel: FindyKill
O63 - Logiciel: RSIT
—\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - AFD (AFD) - LEGACY_AFD
O64 - Services: CurCS - Service de la passerelle de la couche Application (ALG) - LEGACY_ALG
O64 - Services: CurCS - Audio Windows (AudioSrv) - LEGACY_AUDIOSRV
O64 - Services: CurCS - No object (No service) - LEGACY_AVGIO
O64 - Services: CurCS - No object (No service) - LEGACY_AVIPBB
O64 - Services: CurCS - Beep (Beep) - LEGACY_BEEP
O64 - Services: CurCS - Service de transfert intelligent en arrière-plan (BITS) - LEGACY_BITS
O64 - Services: CurCS - Explorateur d’ordinateur (Browser) - LEGACY_BROWSER
O64 - Services: CurCS - catchme (catchme) - LEGACY_CATCHME
O64 - Services: CurCS - cdfs (cdfs) - LEGACY_CDFS
O64 - Services: CurCS - Application système COM+ (COMSysApp) - LEGACY_COMSYSAPP
O64 - Services: CurCS - Services de cryptographie (CryptSvc) - LEGACY_CRYPTSVC
O64 - Services: CurCS - Lanceur de processus serveur DCOM (DcomLaunch) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - Client DHCP (Dhcp) - LEGACY_DHCP
O64 - Services: CurCS - dmboot (dmboot) - LEGACY_DMBOOT
O64 - Services: CurCS - dmload (dmload) - LEGACY_DMLOAD
O64 - Services: CurCS - Gestionnaire de disque logique (dmserver) - LEGACY_DMSERVER
O64 - Services: CurCS - Client DNS (Dnscache) - LEGACY_DNSCACHE
O64 - Services: CurCS - Service de rapport d’erreurs (ERSvc) - LEGACY_ERSVC
O64 - Services: CurCS - Système d’événements de COM+ (EventSystem) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - fastfat (fastfat) - LEGACY_FASTFAT
O64 - Services: CurCS - fastfat (fastfat) - LEGACY_FASTFAT
O64 - Services: CurCS - Fips (Fips) - LEGACY_FIPS
O64 - Services: CurCS - FltMgr (FltMgr) - LEGACY_FLTMGR
O64 - Services: CurCS - Fs_Rec (Fs_Rec) - LEGACY_FS_REC
O64 - Services: CurCS - Classificateur de paquets générique (Gpc) - LEGACY_GPC
O64 - Services: CurCS - Aide et support (helpsvc) - LEGACY_HELPSVC
O64 - Services: CurCS - HTTP (HTTP) - LEGACY_HTTP
O64 - Services: CurCS - Service COM de gravage de CD IMAPI (ImapiService) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - Pilote du pare-feu Windows IPv6 (Ip6Fw) - LEGACY_IP6FW
O64 - Services: CurCS - Traducteur d’adresses réseau IP (IpNat) - LEGACY_IPNAT
O64 - Services: CurCS - Pilote IPSEC (IPSec) - LEGACY_IPSEC
O64 - Services: CurCS - ksecdd (ksecdd) - LEGACY_KSECDD
O64 - Services: CurCS - Serveur (lanmanserver) - LEGACY_LANMANSERVER
O64 - Services: CurCS - Station de travail (LanmanWorkstation) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - Assistance TCP/IP NetBIOS (LmHosts) - LEGACY_LMHOSTS
O64 - Services: CurCS - mbr (mbr) - LEGACY_MBR
O64 - Services: CurCS - mnmdd (mnmdd) - LEGACY_MNMDD
O64 - Services: CurCS - mountmgr (mountmgr) - LEGACY_MOUNTMGR
O64 - Services: CurCS - Redirecteur client WebDav (MRxDAV) - LEGACY_MRXDAV
O64 - Services: CurCS - MRXSMB (MRxSmb) - LEGACY_MRXSMB
O64 - Services: CurCS - Distributed Transaction Coordinator (MSDTC) - LEGACY_MSDTC
O64 - Services: CurCS - Msfs (Msfs) - LEGACY_MSFS
O64 - Services: CurCS - Windows Installer (MSIServer) - LEGACY_MSISERVER
O64 - Services: CurCS - Mup (Mup) - LEGACY_MUP
O64 - Services: CurCS - Pilote système NDIS (NDIS) - LEGACY_NDIS
O64 - Services: CurCS - Pilote TAPI NDIS d’accès distant (NdisTapi) - LEGACY_NDISTAPI
O64 - Services: CurCS - NDIS mode utilisateur E/S Protocole (Ndisuio) - LEGACY_NDISUIO
O64 - Services: CurCS - NDProxy (NDProxy) - LEGACY_NDPROXY
O64 - Services: CurCS - Interface NetBIOS (NetBIOS) - LEGACY_NETBIOS
O64 - Services: CurCS - NetBIOS sur TCP/IP (NetBT) - LEGACY_NETBT
O64 - Services: CurCS - Connexions réseau (Netman) - LEGACY_NETMAN
O64 - Services: CurCS - NLA (Network Location Awareness) (Nla) - LEGACY_NLA
O64 - Services: CurCS - Npfs (Npfs) - LEGACY_NPFS
O64 - Services: CurCS - ntfs (ntfs) - LEGACY_NTFS
O64 - Services: CurCS - Null (Null) - LEGACY_NULL
O64 - Services: CurCS - PartMgr (PartMgr) - LEGACY_PARTMGR
O64 - Services: CurCS - ParVdm (ParVdm) - LEGACY_PARVDM
O64 - Services: CurCS - Services IPSEC (PolicyAgent) - LEGACY_POLICYAGENT
O64 - Services: CurCS - PROCEXP113 (PROCEXP113) - LEGACY_PROCEXP113
O64 - Services: CurCS - Emplacement protégé (ProtectedStorage) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - Pilote de connexion automatique d’accès distant (RasAcd) - LEGACY_RASACD
O64 - Services: CurCS - Rdbss (Rdbss) - LEGACY_RDBSS
O64 - Services: CurCS - RDPCDD (RDPCDD) - LEGACY_RDPCDD
O64 - Services: CurCS - RDPNP (RDPNP) - LEGACY_RDPNP
O64 - Services: CurCS - Accès à distance au Registre (RemoteRegistry) - LEGACY_REMOTEREGISTRY
O64 - Services: CurCS - Appel de procédure distante (RPC) (RpcSs) - LEGACY_RPCSS
O64 - Services: CurCS - Gestionnaire de comptes de sécurité (SamSs) - LEGACY_SAMSS
O64 - Services: CurCS - Planificateur de tâches (Schedule) - LEGACY_SCHEDULE
O64 - Services: CurCS - Connexion secondaire (seclogon) - LEGACY_SECLOGON
O64 - Services: CurCS - Notification d’événement système (SENS) - LEGACY_SENS
O64 - Services: CurCS - Serial (Serial) - LEGACY_SERIAL
O64 - Services: CurCS - Pare-feu Windows / Partage de connexion Internet (SharedAccess) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - Détection matériel noyau (ShellHWDetection) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - Spouleur d’impression (Spooler) - LEGACY_SPOOLER
O64 - Services: CurCS - Pilote de filtre de restauration système (sr) - LEGACY_SR
O64 - Services: CurCS - Service de restauration système (srservice) - LEGACY_SRSERVICE
O64 - Services: CurCS - Srv (Srv) - LEGACY_SRV
O64 - Services: CurCS - Service de découvertes SSDP (SSDPSRV) - LEGACY_SSDPSRV
O64 - Services: CurCS - No object (No service) - LEGACY_SSMDRV
O64 - Services: CurCS - Acquisition d’image Windows (WIA) (stisvc) - LEGACY_STISVC
O64 - Services: CurCS - Téléphonie (TapiSrv) - LEGACY_TAPISRV
O64 - Services: CurCS - Pilote du protocole TCP/IP (Tcpip) - LEGACY_TCPIP
O64 - Services: CurCS - Services Terminal Server (TermService) - LEGACY_TERMSERVICE
O64 - Services: CurCS - Thèmes (Themes) - LEGACY_THEMES
O64 - Services: CurCS - Client de suivi de lien distribué (TrkWks) - LEGACY_TRKWKS
O64 - Services: CurCS - Udfs (Udfs) - LEGACY_UDFS
O64 - Services: CurCS - vga (vga) - LEGACY_VGA
O64 - Services: CurCS - VgaSave (VgaSave) - LEGACY_VGASAVE
O64 - Services: CurCS - VolSnap (VolSnap) - LEGACY_VOLSNAP
O64 - Services: CurCS - Horloge Windows (W32Time) - LEGACY_W32TIME
O64 - Services: CurCS - Pilote ARP IP d’accès distant (Wanarp) - LEGACY_WANARP
O64 - Services: CurCS - WebClient (WebClient) - LEGACY_WEBCLIENT
O64 - Services: CurCS - Infrastructure de gestion Windows (winmgmt) - LEGACY_WINMGMT
O64 - Services: CurCS - Carte de performance WMI (WmiApSrv) - LEGACY_WMIAPSRV
O64 - Services: CurCS - Centre de sécurité (wscsvc) - LEGACY_WSCSVC
O64 - Services: CurCS - Mises à jour automatiques (wuauserv) - LEGACY_WUAUSERV
O64 - Services: CurCS - Configuration automatique sans fil (WZCSVC) - LEGACY_WZCSVC
End of the scan: 698 lines