Rapport de ZHPDiag v1.22.06 par Nicolas Coolman, Update du 14/10/2010 Run by xxx at 29/10/2010 09:16:36 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v6.0.2900.2180 MFIE: Mozilla Firefox (3.6.8) ---\\ System Information Platform : Microsoft Windows XP (5.1.2600) Service Pack 2 Processor: x86 Family 15 Model 4 Stepping 9, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 246 MB (14% free) System drive C: has 69 GB (92%) free of 74 GB ---\\ Logged in mode Computer Name: XXX-4FB7792C953 User Name: xxx All Users Names: xxx, SUPPORT_388945a0, IWAM_XXX-4FB7792C953, IUSR_XXX-4FB7792C953, HelpAssistant, Administrateur, Unselected Option: None Logged in as Administrator ---\\ DOS/Devices A:\ Floppy drive, Flash card reader, USB Key (Not Inserted) C:\ Hard drive, Flash drive, Thumb drive (Free 69 Go of 74 Go) D:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK ---\\ Processus lancés [MD5.3677FE8F78ED0A5A31360BDE2CF4671A] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872] [MD5.16713686A3C7FE73DDFC553EB4D21829] - (.Microsoft Corporation - Service SNMP.) -- C:\WINDOWS\System32\snmp.exe [33280] [MD5.1F7A803D0E3BDEFB3EF59651A56F7BBD] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\WINDOWS\system32\CNAC3RPK.EXE [49215] [MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296] [MD5.CBAC41ADDDD6D5C761CDDD2C015CEF2C] - (.Nicolas Coolman - Diagnostic Tool.) 
-- C:\Program Files\ZHPDiag\ZHPDiag.exe [580096] ---\\ Page de démarrage de Mozilla Firefox (M0) M0 - MFSP: prefs.js [xxx - k71vxa5z.default] www.google.fr ---\\ Plugins de navigateurs Opera/Firefox(P1/P2) P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = srv_proxy:8080 ---\\ Internet Explorer URLSearchHook (R3) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) 
(No version) -- %SystemRoot%\system32\shdocvw.dll ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Pas de propriétaire - AcroIEHelper Module.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswshx.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (.not file.) O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-1417001333-162531612-839522115-1003\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Reader 5.0.lnk . (.Pas de propriétaire.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Pas de propriétaire.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe (.not file.) 
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PowerDVD.lnk . (.Pas de propriétaire.) -- C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Pas de propriétaire.) -- C:\Program Files\Messenger\msmsgs.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Pas de propriétaire.) -- C:\Program Files\Movie Maker\moviemk.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\xxx\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\xxx\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Pas de propriétaire.) -- C:\Program Files\Windows Media Player\wmplayer.exe (.not file.) O4 - Global Startup: C:\Documents And Settings\xxx\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.not file.) - C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) 
-- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpNameServer = 172.17.136.42 O17 - HKLM\System\CS1\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpNameServer = 172.17.136.42 O17 - HKLM\System\CS2\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpNameServer = 172.17.136.42 O17 - HKLM\System\CCS\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpDomain = minecofor.gouv O17 - HKLM\System\CCS\Services\Tcpip\..\{CB5BAEE4-6089-41BB-954A-C21CC8282D82}: DhcpDomain = minecofor.gouv.ga O17 - HKLM\System\CS1\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpDomain = minecofor.gouv O17 - HKLM\System\CS1\Services\Tcpip\..\{CB5BAEE4-6089-41BB-954A-C21CC8282D82}: DhcpDomain = minecofor.gouv.ga O17 - HKLM\System\CS2\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpDomain = minecofor.gouv O17 - HKLM\System\CS2\Services\Tcpip\..\{CB5BAEE4-6089-41BB-954A-C21CC8282D82}: DhcpDomain = minecofor.gouv.ga O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.136.42 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) 
-- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (.not file.) 
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (.not file.) O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe (.not file.) O23 - Service: BBBBCB50 (BBBBCB50) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\BEDE66B8.exe (.not file.) O23 - Service: Media Seriel Number Service (Media Seriel Number Service) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\moviemk.exe (.not file.) ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- Rundll32 IEDKCS32.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf O40 - ASIC: Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r88.) 
-- C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: avgio (avgio) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys O41 - Driver: avipbb (avipbb) . (.AVIRA GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (sscdbhk5) . (.Sonic Solutions - Shared Driver Component.) - C:\Windows\system32\drivers\sscdbhk5.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys O41 - Driver: (ssrtln) . (.Sonic Solutions - Shared Driver Component.) - C:\Windows\system32\drivers\ssrtln.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Canon LBP5200 - (.Pas de propriétaire.) [HKLM] -- Canon LBP5200 O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20} O42 - Logiciel: Intel(R) PRO Network Connections Drivers - (.Pas de propriétaire.) [HKLM] -- PROSet O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Mozilla Firefox (3.6.8) - (.Mozilla.) 
[HKLM] -- Mozilla Firefox (3.6.8) O42 - Logiciel: PowerDVD 5.1 - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17} O42 - Logiciel: Sonic Audio module - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382} O42 - Logiciel: Sonic DLA - (.Sonic Solutions.) [HKLM] -- {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629} O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205} O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2 O42 - Logiciel: Zuma's Revenge! - (.AllSmartGames.) [HKLM] -- Zuma's Revenge!1.0 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\Adobe] [HKCU\Software\AlcorMicro] [HKCU\Software\Avg] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cyberlink] [HKCU\Software\Grisoft] [HKCU\Software\Intel] [HKCU\Software\InterTrust] [HKCU\Software\Lake] [HKCU\Software\Leadertech] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Netscape] [HKCU\Software\Novell] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PopCap] [HKCU\Software\Sonic] [HKCU\Software\SpinTop] [HKCU\Software\Sysinternals] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinRAR SFX] [HKLM\Software\0] [HKLM\Software\13fe] [HKLM\Software\457] [HKLM\Software\718] [HKLM\Software\781] [HKLM\Software\8ec] [HKLM\Software\90c] [HKLM\Software\ALWIL Software] [HKLM\Software\Adobe] [HKLM\Software\Avg] [HKLM\Software\Avira] [HKLM\Software\C07ft5Y] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Gemplus] [HKLM\Software\Grisoft] [HKLM\Software\INTEL] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] 
[HKLM\Software\Lake] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RegisteredApplications] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\SigmaTel] [HKLM\Software\Sonic] [HKLM\Software\Swearware] [HKLM\Software\SymNRT] [HKLM\Software\Symantec] [HKLM\Software\TrendMicro] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\X-AVCSD] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software O43 - CFD:Common File Directory ---AD- C:\Program Files\Canon O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Grisoft O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\internet explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox O43 - CFD:Common File Directory ----D- C:\Program Files\MSN O43 - CFD:Common File Directory 
----D- C:\Program Files\MSN Gaming Zone O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne O43 - CFD:Common File Directory ----D- C:\Program Files\SigmaTel O43 - CFD:Common File Directory ----D- C:\Program Files\Sonic O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Zuma's Revenge! O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Sonic Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:11:42 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [26238] O44 - LFC:[MD5.616E8D2B73D217CFA56E7BCEC5DE7942] - 29/10/2010 - 09:11:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982381.log [662] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/10/2010 - 09:10:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:10:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:10:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Sti_Trace.log [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:10:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 29/10/2010 - 09:09:56 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.163E20CBCCEFCDD42F46E43A94173C46] - 29/10/2010 - 09:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\1.taz [126] O44 - LFC:[MD5.09414976FE67DFDADB1DD4710B0E6B26] - 29/10/2010 - 09:06:39 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\zPharaoh.exe [155011] O44 - LFC:[MD5.890E3861D951C0271F008A523FED4B34] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [969062] O44 - LFC:[MD5.5CD95951821FFC10F39C32FEA7C756A3] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [63718] O44 - LFC:[MD5.198CAE99CE6C707DC5644C40E539B581] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [75242] O44 - LFC:[MD5.6AB47C1DE1911AAC29A26DBE5D664E98] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\System32\perfh009.dat [378100] O44 - LFC:[MD5.1A9B8558884EE3B83FC1283380CBDF90] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [440496] O44 - LFC:[MD5.4E7F23F36F8B2A21BD5B4189F499B15F] - 29/10/2010 - 03:24:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [228000] O44 - LFC:[MD5.D0329F7C43444AE335396DF098780CD8] - 29/10/2010 - 03:03:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [6082] O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 27/10/2010 - 15:48:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [227] O44 - LFC:[MD5.B5B9633C87178555DE9C45E15B13EE1B] - 27/10/2010 - 15:48:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [689] O44 - LFC:[MD5.C9C169A9E316B9C1B9F69D5C0110FC48] - 27/10/2010 - 15:47:48 ---A- . (.InstallShield Software Corporation - InstallShield® unInstaller.) -- C:\WINDOWS\IsUninst.exe [463215] O44 - LFC:[MD5.683C2D47C73FC453D42BC79BFFA0A641] - 27/10/2010 - 15:47:48 ---A- . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\dla.exe [254887] O44 - LFC:[MD5.6677A3492BD3F2ADD68D6AE8A7981499] - 27/10/2010 - 15:18:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [6416] O44 - LFC:[MD5.CA8666B67F3DF8AC7A2C797EF3F0E4FF] - 27/10/2010 - 15:06:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wininit.ini [2788] O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 27/10/2010 - 11:49:19 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 27/10/2010 - 11:49:15 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [19160] O44 - LFC:[MD5.617E6127772068A0F5EC8351047809C3] - 27/10/2010 - 08:24:19 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2228] ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.9D568F7837B3260E0CF9439D1A6BF9B3] - 26/10/2010 - 11:12:21 ---A- - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf O45 - LFCP:[MD5.F8F49DDEFB2CBE974264AEA06A2BA8E5] - 27/10/2010 - 08:41:38 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf O45 - LFCP:[MD5.52DF8F08B5141EE38F5BCDD6D656C93D] - 27/10/2010 - 08:41:39 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf O45 - LFCP:[MD5.6AF0FD78B19BDC18E3126A8D899FEA54] - 27/10/2010 - 10:42:24 ---A- - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf O45 - LFCP:[MD5.31968D6DB90825EB4236E43B5C44A5EF] - 27/10/2010 - 10:42:26 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf O45 - LFCP:[MD5.ACDC9D1D4C3B6F55DF2F7F086E0A1701] - 27/10/2010 - 10:58:35 ---A- - C:\WINDOWS\Prefetch\OIS.EXE-33076924.pf O45 - LFCP:[MD5.1AF4AE12B783713399A800D7F6BDD0BA] - 27/10/2010 - 12:29:30 ---A- - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf O45 - LFCP:[MD5.33386D5B774BE9654BEAA047A65534B0] - 27/10/2010 - 15:16:35 ---A- - C:\WINDOWS\Prefetch\ECHOX.EXE-0EC32D49.pf O45 - LFCP:[MD5.2F6250C9032B43CE4DDF606EC0D257F9] - 27/10/2010 - 15:16:36 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf O45 - LFCP:[MD5.7B1B32060763497EEA09876013628626] - 27/10/2010 - 15:16:45 ---A- - C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf O45 - LFCP:[MD5.BD5459EE5336DDEAD95F5096F2482BEE] - 27/10/2010 - 15:57:17 ---A- - C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf O45 - LFCP:[MD5.70E2FCFBBA73BB762C76145F6AFC5956] - 27/10/2010 - 16:22:49 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf O45 - LFCP:[MD5.F10FA96F62E1D74262E57DA6EC61A442] - 27/10/2010 - 16:25:46 ---A- - C:\WINDOWS\Prefetch\IGFXSRVC.EXE-2FB63FE8.pf O45 - LFCP:[MD5.25FBBDBCFF1664FF80AFA1598B0BA9AD] - 28/10/2010 - 15:23:59 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf O45 - LFCP:[MD5.BCDE83F9B1CB484F2294E26E57F43D72] - 29/10/2010 - 03:00:19 ---A- - 
C:\WINDOWS\Prefetch\UPDATE.EXE-3563ABE9.pf O45 - LFCP:[MD5.57BBB5D5B0343216D79403885E62B185] - 29/10/2010 - 03:00:34 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0C56B398.pf O45 - LFCP:[MD5.4728971D5A7989DCDB54A8A43BC808AD] - 29/10/2010 - 03:00:40 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0212FBB0.pf O45 - LFCP:[MD5.347EA23BE50B834F222B8055659AF838] - 29/10/2010 - 03:00:46 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-218163BB.pf O45 - LFCP:[MD5.8655994F9EEEDDB0A06DBBE56D647C83] - 29/10/2010 - 03:00:53 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-307B7330.pf O45 - LFCP:[MD5.B834FB99456D8128F35D844869449440] - 29/10/2010 - 03:01:02 ---A- - C:\WINDOWS\Prefetch\WINDOWSXP-KB923789-X86-FRA.EX-27ADD321.pf O45 - LFCP:[MD5.0250233A5888A8D2318D488738586ADF] - 29/10/2010 - 03:01:04 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0181CD10.pf O45 - LFCP:[MD5.35199B2C7B2A7A1CDEE534D93F722765] - 29/10/2010 - 03:01:21 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-38086753.pf O45 - LFCP:[MD5.ECC8CAC6E3F8990AEC21950D1F91835D] - 29/10/2010 - 03:01:36 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-24C17FF8.pf O45 - LFCP:[MD5.7B9EDE79A2C948662A6BAC0E6ACCBD36] - 29/10/2010 - 03:01:45 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf O45 - LFCP:[MD5.7B8091EBED46968764C69F2F46E70D52] - 29/10/2010 - 03:04:40 ---A- - C:\WINDOWS\Prefetch\UNREGMP2.EXE-07CACB61.pf O45 - LFCP:[MD5.CBF539CBAF04DB37E7F41E916571940E] - 29/10/2010 - 03:05:19 ---A- - C:\WINDOWS\Prefetch\SPUPDSVC.EXE-21B36524.pf O45 - LFCP:[MD5.12A1E221C4EB3EE79D6E74170D97EB37] - 29/10/2010 - 03:06:10 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0C76F2DD.pf O45 - LFCP:[MD5.489E25DFEADF87F2FA794CBD28B64DC5] - 29/10/2010 - 03:06:16 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-06FDF3DD.pf O45 - LFCP:[MD5.6F8BE149D7505B1651B70DCECFBC5563] - 29/10/2010 - 03:06:22 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-31262246.pf O45 - LFCP:[MD5.B9525EEF10836B8D2BD6AFD75B6E4025] - 29/10/2010 - 03:06:28 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-33681E51.pf O45 - LFCP:[MD5.55927D470F67A8CF811E1C328A06419F] - 
29/10/2010 - 03:06:43 ---A- - C:\WINDOWS\Prefetch\WGASETUP.EXE-38108902.pf O45 - LFCP:[MD5.BC067A5861B33105259DD6C72317EC63] - 29/10/2010 - 03:06:43 ---A- - C:\WINDOWS\Prefetch\WINDOWSXP-KB905474-FRA-X86.EX-296B25E8.pf O45 - LFCP:[MD5.2EE8C94D9194885F28A778F22AC29529] - 29/10/2010 - 03:06:56 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-029C43FA.pf O45 - LFCP:[MD5.94525F0E1EAD5FE8AD5B264BF1069D46] - 29/10/2010 - 03:07:01 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-36D1321E.pf O45 - LFCP:[MD5.C7379FF9A7E1E89003D2578E57A0F159] - 29/10/2010 - 03:07:05 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B1DB1FC.pf O45 - LFCP:[MD5.6E8F55CF00AB0B726DA9A78B7A6E284B] - 29/10/2010 - 03:07:08 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-21AC5B35.pf O45 - LFCP:[MD5.8326A14BB5D0FB9FFC94C727456FFE6E] - 29/10/2010 - 03:07:14 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-162BB5AE.pf O45 - LFCP:[MD5.ACE7403E604DD5BD785ABEE135713DB6] - 29/10/2010 - 03:07:19 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-28956928.pf O45 - LFCP:[MD5.59B351B6B472600BA7099229E1247203] - 29/10/2010 - 03:07:26 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-1673E9BB.pf O45 - LFCP:[MD5.836C65C8AB3EC9ACE01A8667A11CEF3B] - 29/10/2010 - 03:07:27 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-27D23DFC.pf O45 - LFCP:[MD5.B9C35AE622628F87B7CA8BBB31E0BD5F] - 29/10/2010 - 03:07:31 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-38E6D1B9.pf O45 - LFCP:[MD5.80BC1C10A9A372FB39E1F3647D5ACA7A] - 29/10/2010 - 03:07:46 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0894953D.pf O45 - LFCP:[MD5.4684EA50AA2F994EDC52A95ED0B44A93] - 29/10/2010 - 03:07:52 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-3B446165.pf O45 - LFCP:[MD5.266E0E72CCB2AFA0D888A70C251F5A23] - 29/10/2010 - 03:07:57 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-33D781FC.pf O45 - LFCP:[MD5.F707A806F263B2E16686B927D093A755] - 29/10/2010 - 03:08:02 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-2C91257D.pf O45 - LFCP:[MD5.4C83CE2B18EE07F73FB3B8007AAD1C29] - 29/10/2010 - 03:08:08 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-17F13F49.pf O45 - 
LFCP:[MD5.22D42980587B2CF9AB547ADB2AF5A730] - 29/10/2010 - 03:08:13 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-11C8BD71.pf O45 - LFCP:[MD5.CD8CCB4596E931A765881C1C88C61791] - 29/10/2010 - 03:08:18 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-3A70BCC5.pf O45 - LFCP:[MD5.A88C24621F7C1E515CFBA06686C786D6] - 29/10/2010 - 03:08:24 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-2CDF45D7.pf O45 - LFCP:[MD5.401CB9BB03484C9AE66B554AB70E01B6] - 29/10/2010 - 03:08:29 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-199FE423.pf O45 - LFCP:[MD5.A3633DA35C7527CB6CAB794E52395E83] - 29/10/2010 - 03:23:46 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf O45 - LFCP:[MD5.C1A4B7766BAFC86B90105BD39B4C84F1] - 29/10/2010 - 03:28:55 ---A- - C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf O45 - LFCP:[MD5.119ECEE484184EEE8BB5D82DF5ABCC9C] - 29/10/2010 - 03:39:11 ---A- - C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:[MD5.AED5441EC0EE332BEF7DEBF0F5159FA7] - 29/10/2010 - 09:02:11 ---A- - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf O45 - LFCP:[MD5.4846AB6D0F6F5514B041B3EDFA2FD51B] - 29/10/2010 - 09:06:49 ---A- - C:\WINDOWS\Prefetch\TAZEBAMA.DL_-1B94900B.pf O45 - LFCP:[MD5.8E320C4488EAED66315DE69A33F40431] - 29/10/2010 - 09:06:54 ---A- - C:\WINDOWS\Prefetch\WINMINE.EXE-0A3838A4.pf O45 - LFCP:[MD5.146F5D4E6E0DB1CA2E871FA73A2D7965] - 29/10/2010 - 09:06:56 ---A- - C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf O45 - LFCP:[MD5.67C623B5A84EE41EC1F307748C607281] - 29/10/2010 - 09:07:27 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf O45 - LFCP:[MD5.0FCF3A89A161FCAEE8300D6D19BA9FE7] - 29/10/2010 - 09:11:21 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.BE499D1C24C36B1E17A36DE2116F2116] - 29/10/2010 - 09:11:21 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf O45 - LFCP:[MD5.2590491C00A833D450B22C7ADABEC4A1] - 29/10/2010 - 09:11:22 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf O45 - LFCP:[MD5.3578D3A0F8A7B96B6FCC5A41BEE2395B] - 29/10/2010 - 09:11:30 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf O45 - 
LFCP:[MD5.E499A181FAE8A46163D5AF84739C457F] - 29/10/2010 - 09:11:37 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-007DE6E8.pf
O45 - LFCP:[MD5.EB219236CFBB95B0A6458C5FE9FF30AA] - 29/10/2010 - 09:16:11 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-33D7733B.pf
O45 - LFCP:[MD5.39C1B982E5B0F018E3F9396C200B37F1] - 29/10/2010 - 09:16:11 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.TMP-2B793334.pf
O45 - LFCP:[MD5.5264D5CB089CE1D1616805886E54D0A6] - 29/10/2010 - 09:16:21 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\CNAC3RPK.EXE" [Enabled] .(.CANON INC. - Canon Advanced Printing Technology RPC Server Process.) -- C:\WINDOWS\system32\CNAC3RPK.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\command . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\mission OMI 2 001
O53 - SMSR:HKLM\...\startupreg\CTFMON.EXE [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\dla [Key] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswctrl.exe
O53 - SMSR:HKLM\...\startupreg\DrvMon.exe [Key] . (.Alcor Micro, Corp. - Drive Monitor.) -- C:\WINDOWS\system32\DrvMon.exe
O53 - SMSR:HKLM\...\startupreg\DVDLauncher [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
O53 - SMSR:HKLM\...\startupreg\igfxhkcmd [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\igfxpers [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\igfxtray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\MisVh55 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\inf\ MisVh55.exe

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewOnDrive"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogOff"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSetFolders"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=255
O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=255
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.675C16A3C1F8482F85EE4A97FC0DDE3D] - 19/08/2004 - 17:20:54 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys
O58 - SDL:[MD5.FEFF0EE6B3BCECE911B455C74304DE5C] - 09/08/2007 - 13:04:11 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.)
-- C:\WINDOWS\system32\drivers\avgntdd.sys O58 - SDL:[MD5.AB1B39C8C3279271757CA622C93C716B] - 18/07/2007 - 14:22:19 ---A- . (.Avira GmbH - Avira Antivir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys O58 - SDL:[MD5.8B213DA82B559787DCEB41072A3D4C40] - 07/09/2007 - 12:05:19 ---A- . (.AVIRA GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys O58 - SDL:[MD5.84853B3FD012251690570E9E7E43343F] - 13/12/2004 - 22:14:00 ---A- . (.Adaptec, Inc. - DELL CERC SATA1.5/6ch Miniport Driver.) -- C:\WINDOWS\system32\drivers\cercsr6.sys O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/09/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/09/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:[MD5.7C872FA5CE3147EC28DAF7AE7F76AB37] - 15/01/2003 - 09:43:52 ---A- . (.D-Link - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\dlkfet5b.sys O58 - SDL:[MD5.24646242310499D75C6DB4B32768A3B3] - 02/02/2005 - 03:22:00 ---A- . (.Sonic Solutions - Device Driver.) -- C:\WINDOWS\system32\drivers\drvmcdb.sys O58 - SDL:[MD5.2FF629C1C443E25D0149B9DFB77E43A8] - 23/12/2004 - 02:56:00 ---A- . (.Sonic Solutions - Device Driver Manager.) -- C:\WINDOWS\system32\drivers\drvnddm.sys O58 - SDL:[MD5.95974E66D3DE4951D29E28E8BC0B644C] - 14/10/2004 - 16:30:46 ---A- . (.Intel Corporation - Intel(R) PRO/100 Adapter NDIS 5.1 driver.) -- C:\WINDOWS\system32\drivers\e100b325.sys O58 - SDL:[MD5.E31363D186B3E1D7C4E9117884A6AEE5] - 12/08/2004 - 17:45:54 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0.) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys O58 - SDL:[MD5.9131EDE087AF04A7D80F7EBADC164254] - 12/08/2004 - 17:45:52 ---A- . 
(.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys O58 - SDL:[MD5.9A883C3C4D91292C0D09DE7C728E781C] - 20/09/2005 - 11:00:54 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:[MD5.B7FB72492B753930EC70A0F49D04F12F] - 17/03/2006 - 01:51:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) IDE Performance Driver.) -- C:\WINDOWS\system32\drivers\NvAtaBus.sys O58 - SDL:[MD5.4BC863E8FB65EBCFDDE04822CF875E76] - 17/03/2006 - 01:51:38 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\system32\drivers\nvraid.sys O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/09/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:[MD5.7C81AE3C9B82BA2DA437ED4D31BC56CF] - 26/01/2005 - 02:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) 
-- C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:[MD5.D26E26EA516450AF9D072635C60387F4] - 17/07/2004 - 12:36:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:[MD5.732D859B286DA692119F286B21A2A114] - 19/08/2004 - 17:20:54 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:[MD5.1CBD1B58A32DE97899F5290B05F856DB] - 02/12/2004 - 11:04:20 ---A- . (.Sonic Solutions - Shared Driver Component.) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys O58 - SDL:[MD5.3D2829FDE1C52FC64DA5413889CE4DEE] - 01/03/2007 - 10:34:36 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.7FB07AC152D7A87E66204860002BD9A4] - 02/12/2004 - 11:04:10 ---A- . (.Sonic Solutions - Shared Driver Component.) -- C:\WINDOWS\system32\drivers\ssrtln.sys O58 - SDL:[MD5.26EB7ACF476A3461B85F5BCE9A677A4A] - 17/08/2005 - 14:41:08 ---A- . (.SigmaTel, Inc. - NDRC.) -- C:\WINDOWS\system32\drivers\sthda.sys O58 - SDL:[MD5.1FD5249D5103125D2DA63F68D7BE1D35] - 17/11/2005 - 19:58:16 ---A- . (.LSI Logic - LSI Logic Fusion-MPT MiniPort Driver (ScsiPort).) -- C:\WINDOWS\system32\drivers\symmpi.sys O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/09/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/09/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\country.sys O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 23:46:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 23:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 23:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\system32\ntio412.sys O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 23:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 27/10/2010 - 08:25:52 ---A- C:\Documents And Settings\xxx\Application Data\Microsoft\Office\OIS11.pip [428] O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\All Users\Bureau\Mozilla Firefox.lnk [1602] O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk [1636] O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox\Mozilla Firefox.lnk [1614] O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\xxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [1620] O61 - LFC:Last File Created 27/10/2010 - 10:36:41 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20100722155716 [10] O61 - LFC:Last File Created 27/10/2010 - 10:36:51 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\compatibility.ini [187] O61 - LFC:Last File Created 27/10/2010 - 10:36:51 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\profiles.ini [111] O61 - LFC:Last File Created 27/10/2010 - 10:36:53 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\permissions.sqlite [2048] O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\extensions.cache [106] O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\extensions.ini [125] 
O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\extensions.rdf [1179] O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\xpti.dat [101881] O61 - LFC:Last File Created 27/10/2010 - 10:36:55 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\compreg.dat [147476] O61 - LFC:Last File Created 27/10/2010 - 10:37:01 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\search.json [11719] O61 - LFC:Last File Created 27/10/2010 - 10:37:01 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\search.sqlite [2048] O61 - LFC:Last File Created 27/10/2010 - 10:37:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\secmod.db [16384] O61 - LFC:Last File Created 27/10/2010 - 10:37:05 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\content-prefs.sqlite [7168] O61 - LFC:Last File Created 27/10/2010 - 10:37:10 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\mimeTypes.rdf [3360] O61 - LFC:Last File Created 27/10/2010 - 10:37:11 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\pluginreg.dat [452] O61 - LFC:Last File Created 27/10/2010 - 10:40:28 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\bookmarkbackups\bookmarks-2010-10-27.json [4319] O61 - LFC:Last File Created 27/10/2010 - 10:40:29 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\OfflineCache\index.sqlite [10240] O61 - LFC:Last File Created 27/10/2010 - 10:47:38 ---A- C:\Documents And Settings\xxx\Application 
Data\Mozilla\Firefox\Profiles\k71vxa5z.default\signons.sqlite [11264] O61 - LFC:Last File Created 27/10/2010 - 10:55:29 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\XUL.mfl [1211644] O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Bureau\CCleaner.lnk [682] O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Menu Démarrer\Programmes\CCleaner\CCleaner Homepage.url [74] O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk [694] O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Menu Démarrer\Programmes\CCleaner\Uninstall CCleaner.lnk [507] O61 - LFC:Last File Created 27/10/2010 - 10:57:46 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\mbam-setup-1.46.exe [0] O61 - LFC:Last File Created 27/10/2010 - 11:23:46 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\mbam-setup-1.46.exe.part [6153352] O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [696] O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Désinstaller Malwarebytes' Anti-Malware.lnk [732] O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware Help.lnk [708] O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware.lnk [708] O61 - LFC:Last File Created 27/10/2010 - 11:49:34 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\ignore.dat [0] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- 
C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.21251 [91] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.24927 [104] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.39714 [117] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.44255 [120] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.71825 [103] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.85325 [87] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.89589 [106] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.93892 [120] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP2.95820 [77] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.21251 [32768] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.24927 [591215] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' 
Anti-Malware\Quarantine\QUAR1.39714 [11416] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.44255 [177] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.71825 [591215] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85325 [32768] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89589 [591215] O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.93892 [264047] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.14833 [82] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.24969 [83] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.40302 [63] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.45609 [142] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.78057 [75] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.82088 [87] O61 - LFC:Last File Created 27/10/2010 - 
13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.87720 [64] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.88742 [79] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.97815 [71] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.17583 [171] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.39707 [210] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.47787 [215] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.74487 [170] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.74494 [167] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.76347 [146] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.86251 [145] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP5.18650 [189] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' 
Anti-Malware\Quarantine\BACKUP5.56329 [161] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP5.98238 [227] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.14833 [591215] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.24969 [154751] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.40302 [126] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.45609 [534895] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78057 [0] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.82088 [154751] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.87720 [154911] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.88742 [678] O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.97815 [591215] O61 - LFC:Last File Created 27/10/2010 - 13:14:50 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-27 (13-14-50).txt [4340] O61 - LFC:Last File Created 
27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.23557 [87] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.48086 [63] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.49371 [87] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.83239 [64] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.14148 [188] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.68227 [186] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.23557 [154751] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.48086 [126] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.49371 [32768] O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.83239 [155421] O61 - LFC:Last File Created 27/10/2010 - 14:22:03 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-27 
(14-22-03).txt [1419] O61 - LFC:Last File Created 27/10/2010 - 14:28:28 ---A- C:\Documents And Settings\xxx\Application Data\Microsoft\OIS\Toolbars.dat [723] O61 - LFC:Last File Created 27/10/2010 - 14:53:48 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst [38618112] O61 - LFC:Last File Created 27/10/2010 - 15:38:59 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\mfaurlconf.ini [798] O61 - LFC:Last File Created 27/10/2010 - 15:39:01 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\pack\avg10infoavi.ctf [2001] O61 - LFC:Last File Created 27/10/2010 - 15:39:05 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\pack\avg10infowin.ctf [17172] O61 - LFC:Last File Created 27/10/2010 - 15:39:06 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\pack\avg10infooi.ctf [1615] O61 - LFC:Last File Created 27/10/2010 - 15:40:17 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\bins\f10mfa1152ux.bin [3210319] O61 - LFC:Last File Created 27/10/2010 - 15:43:51 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\logs\mfa-20101027-144347.log [11248] O61 - LFC:Last File Created 27/10/2010 - 15:47:11 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\bins\f10upd1152mp.bin.partial [2366383] O61 - LFC:Last File Created 27/10/2010 - 15:47:39 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\logs\mfa-20101027-143857.log [113634] O61 - LFC:Last File Created 27/10/2010 - 15:51:39 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\avgmfapx.exe [3294415] O61 - LFC:Last File Created 27/10/2010 - 15:51:39 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\avgrunasx.exe [393935] O61 - LFC:Last File Created 27/10/2010 - 16:02:01 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\avg_free_stb_eu_2011_1144.exe [4450887] O61 - LFC:Last File Created 
27/10/2010 - 16:02:59 ---A- C:\Documents And Settings\xxx\Application Data\tazebama\tazebama.log [27] O61 - LFC:Last File Created 27/10/2010 - 16:04:53 ---A- C:\Documents And Settings\Administrateur\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 27/10/2010 - 16:08:53 ---A- C:\Documents And Settings\Administrateur\Cookies\index.dat [32768] O61 - LFC:Last File Created 27/10/2010 - 16:08:53 ---A- C:\Documents And Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat [32768] O61 - LFC:Last File Created 27/10/2010 - 16:14:08 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20100722155716 [10] O61 - LFC:Last File Created 27/10/2010 - 16:14:11 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\profiles.ini [111] O61 - LFC:Last File Created 27/10/2010 - 16:14:12 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\compatibility.ini [187] O61 - LFC:Last File Created 27/10/2010 - 16:14:17 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\permissions.sqlite [2048] O61 - LFC:Last File Created 27/10/2010 - 16:14:18 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\extensions.cache [106] O61 - LFC:Last File Created 27/10/2010 - 16:14:18 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\extensions.ini [125] O61 - LFC:Last File Created 27/10/2010 - 16:14:18 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\extensions.rdf [1179] O61 - LFC:Last File Created 27/10/2010 - 16:14:19 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\compreg.dat [147476] O61 - LFC:Last File Created 27/10/2010 - 16:14:19 ---A- C:\Documents And 
Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\xpti.dat [101881] O61 - LFC:Last File Created 27/10/2010 - 16:14:22 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\places.sqlite [135168] O61 - LFC:Last File Created 27/10/2010 - 16:14:25 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\formhistory.sqlite [4096] O61 - LFC:Last File Created 27/10/2010 - 16:14:25 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\search.json [11719] O61 - LFC:Last File Created 27/10/2010 - 16:14:25 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\search.sqlite [2048] O61 - LFC:Last File Created 27/10/2010 - 16:14:26 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\cookies.sqlite [2048] O61 - LFC:Last File Created 27/10/2010 - 16:14:27 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\secmod.db [16384] O61 - LFC:Last File Created 27/10/2010 - 16:14:29 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\content-prefs.sqlite [7168] O61 - LFC:Last File Created 27/10/2010 - 16:14:32 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\mimeTypes.rdf [3360] O61 - LFC:Last File Created 27/10/2010 - 16:14:32 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\pluginreg.dat [452] O61 - LFC:Last File Created 27/10/2010 - 16:14:32 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\XUL.mfl [1013764] O61 - LFC:Last File Created 27/10/2010 - 16:14:34 ---A- C:\Documents And Settings\Administrateur\Local 
Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\XPC.mfl [2336220] O61 - LFC:Last File Created 27/10/2010 - 16:15:28 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\localstore.rdf [569] O61 - LFC:Last File Created 27/10/2010 - 16:16:01 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\prefs.js [1070] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\bookmarkbackups\bookmarks-2010-10-27.json [4131] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\cert8.db [65536] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\key3.db [16384] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\places.sqlite-journal [0] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_001_ [4096] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_002_ [4096] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_003_ [4096] O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_MAP_ [8468] O61 - LFC:Last File Created 27/10/2010 - 
16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\urlclassifier3.sqlite [32768] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.36286 [114] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.50770 [64] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.78357 [83] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.84260 [87] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.89065 [117] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.95591 [87] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.36286 [32768] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.50770 [155031] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78357 [154751] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.84260 
[154751] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89065 [1091] O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.95591 [32768] O61 - LFC:Last File Created 27/10/2010 - 16:19:50 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-27 (16-19-50).txt [1458] O61 - LFC:Last File Created 27/10/2010 - 16:20:02 --HA- C:\Documents And Settings\Administrateur\Local Settings\Application Data\IconCache.db [2656656] O61 - LFC:Last File Created 27/10/2010 - 16:20:04 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024] O61 - LFC:Last File Created 27/10/2010 - 16:20:04 ---A- C:\Documents And Settings\Administrateur\NTUSER.DAT [786432] O61 - LFC:Last File Created 27/10/2010 - 16:20:04 ---A- C:\Documents And Settings\Administrateur\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 27/10/2010 - 16:20:04 -SHA- C:\Documents And Settings\Administrateur\ntuser.ini [184] O61 - LFC:Last File Created 28/10/2010 - 08:44:02 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\HJTInstall.exe [812344] O61 - LFC:Last File Created 28/10/2010 - 08:44:51 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk [1746] O61 - LFC:Last File Created 28/10/2010 - 08:44:51 ---A- C:\Documents And Settings\xxx\Bureau\HijackThis.lnk [1734] O61 - LFC:Last File Created 28/10/2010 - 10:30:59 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\RSIT.exe [339991] O61 - LFC:Last File Created 28/10/2010 - 11:01:38 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\XPC.mfl [2407028] O61 - LFC:Last File Created 28/10/2010 - 
12:32:29 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\bookmarkbackups\bookmarks-2010-10-28.json [4308] O61 - LFC:Last File Created 29/10/2010 - 03:23:42 -SH-- C:\Documents And Settings\xxx\ntuser.ini [284] O61 - LFC:Last File Created 29/10/2010 - 09:06:39 ---A- C:\Documents And Settings\tazebama.dl_ [154751] O61 - LFC:Last File Created 29/10/2010 - 09:06:44 ---A- C:\Documents And Settings\tazebama.dll [32768] O61 - LFC:Last File Created 29/10/2010 - 09:06:47 ---A- C:\Documents And Settings\hook.dl_ [154751] O61 - LFC:Last File Created 29/10/2010 - 09:07:27 ---A- C:\Documents And Settings\xxx\Application Data\tazebama\zPharaoh.dat [24] O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\cert8.db [65536] O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\key3.db [16384] O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\localstore.rdf [1799] O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\prefs.js [1874] O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\urlclassifier3.sqlite [36089856] O61 - LFC:Last File Created 29/10/2010 - 09:09:57 ---A- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 29/10/2010 - 09:09:58 ---A- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 29/10/2010 - 09:09:59 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384] O61 - LFC:Last File Created 29/10/2010 - 09:09:59 ---A- C:\Documents And 
Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 29/10/2010 - 09:09:59 -SHA- C:\Documents And Settings\xxx\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 29/10/2010 - 09:10:01 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\cookies.sqlite [10240] O61 - LFC:Last File Created 29/10/2010 - 09:10:01 -SHA- C:\Documents And Settings\xxx\Recent\Desktop.ini [150] O61 - LFC:Last File Created 29/10/2010 - 09:10:07 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384] O61 - LFC:Last File Created 29/10/2010 - 09:10:07 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 29/10/2010 - 09:10:11 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\schema.ini [4334] O61 - LFC:Last File Created 29/10/2010 - 09:11:32 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_001_ [173324] O61 - LFC:Last File Created 29/10/2010 - 09:11:32 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_002_ [228503] O61 - LFC:Last File Created 29/10/2010 - 09:11:32 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_003_ [390403] O61 - LFC:Last File Created 29/10/2010 - 09:11:33 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [4232] O61 - LFC:Last File Created 29/10/2010 - 09:11:33 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [4617] O61 - LFC:Last File Created 29/10/2010 - 09:11:33 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_MAP_ [276] O61 - LFC:Last File Created 
29/10/2010 - 09:11:34 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\urlclassifierkey3.txt [154] O61 - LFC:Last File Created 29/10/2010 - 09:11:39 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\7C9D1634d01 [29529] O61 - LFC:Last File Created 29/10/2010 - 09:11:39 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\B10AB35Ed01 [29390] O61 - LFC:Last File Created 29/10/2010 - 09:11:43 ----- C:\Documents And Settings\xxx\Cookies\index.dat [16384] O61 - LFC:Last File Created 29/10/2010 - 09:11:43 ----- C:\Documents And Settings\xxx\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 29/10/2010 - 09:12:08 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\0233417Ed01 [39410] O61 - LFC:Last File Created 29/10/2010 - 09:12:09 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\30FED4FBd01 [23219] O61 - LFC:Last File Created 29/10/2010 - 09:12:14 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\E6B43658d01 [36624] O61 - LFC:Last File Created 29/10/2010 - 09:12:15 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\7EB22E25d01 [25914] O61 - LFC:Last File Created 29/10/2010 - 09:12:15 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\C645F108d01 [32779] O61 - LFC:Last File Created 29/10/2010 - 09:12:18 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\cookies.sqlite-journal [3608] O61 - LFC:Last File Created 29/10/2010 - 09:12:26 ---A- C:\Documents And Settings\xxx\Local Settings\Application 
Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\524B4514d01 [82151] O61 - LFC:Last File Created 29/10/2010 - 09:12:30 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\011746F5d01 [20057] O61 - LFC:Last File Created 29/10/2010 - 09:12:50 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\BB86F350d01 [18094] O61 - LFC:Last File Created 29/10/2010 - 09:12:51 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\2ECE5B63d01 [16941] O61 - LFC:Last File Created 29/10/2010 - 09:12:52 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\E7D06A9Ed01 [23631] O61 - LFC:Last File Created 29/10/2010 - 09:13:18 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\13270FD1d01 [22764] O61 - LFC:Last File Created 29/10/2010 - 09:13:19 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\E95D9AF6d01 [52028] O61 - LFC:Last File Created 29/10/2010 - 09:13:37 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\formhistory.sqlite [4096] O61 - LFC:Last File Created 29/10/2010 - 09:13:51 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\B06F26F9d01 [112173] O61 - LFC:Last File Created 29/10/2010 - 09:13:58 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\D03AE71Bd01 [86805] O61 - LFC:Last File Created 29/10/2010 - 09:14:28 -SH-- C:\Documents And Settings\xxx\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 29/10/2010 - 09:14:39 ---A- C:\Documents And Settings\xxx\Application 
Data\Mozilla\Firefox\Profiles\k71vxa5z.default\sessionstore.js [7604]
O61 - LFC:Last File Created 29/10/2010 - 09:15:27 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\downloads.sqlite [2048]
O61 - LFC:Last File Created 29/10/2010 - 09:15:27 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\ZHPDiag.exe [2165488]
O61 - LFC:Last File Created 29/10/2010 - 09:15:40 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\places.sqlite [188416]
O61 - LFC:Last File Created 29/10/2010 - 09:15:40 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\places.sqlite-journal [0]
O61 - LFC:Last File Created 29/10/2010 - 09:16:10 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\ZHP\ZHPDiag.lnk [439]
---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: RSIT - (.random/random.)
---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(.Pas de propriétaire - Pas de description.) - LEGACY_AAVMKER4
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (.not file.) - AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSCHEDULER
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (.not file.)
- AntiVir PersonalEdition Classic Guard (AntiVirService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe (.not file.) - Avira Upgrade Service (AntiVirUpgradeService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRUPGRADESERVICE O64 - Services: CurCS - (.not file.) - avast! Standard Shield Support (aswMon2) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMON2 O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - (.not file.) - AVG7 Wrap Driver (Avg7RsW) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG7RSW O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (.not file.) - avgio (avgio) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGIO O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (.not file.) - avgntflt (avgntflt) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGNTFLT O64 - Services: CurCS - (.not file.) - AVG Free Network Redirector (AvgTdiX) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGTDIX O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.AVIRA GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - C:\WINDOWS\system32\BEDE66B8.exe (.not file.) - BBBBCB50 (BBBBCB50) .(.Pas de propriétaire - Pas de description.) - LEGACY_BBBBCB50 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_BEEP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe - Application système COM+ (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k DcomLaunch (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - (.not file.) - dhfyvk (dhfyvk) .(.Pas de propriétaire - Pas de description.) - LEGACY_DHFYVK O64 - Services: CurCS - C:\Windows\system32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\DMLOAD.sys - dmload (dmload) .(.Pas de propriétaire - Pas de description.) - LEGACY_DMLOAD O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_DNSCACHE O64 - Services: CurCS - C:\Windows\system32\drivers\drvnddm.sys - drvnddm (drvnddm) .(.Sonic Solutions - Device Driver Manager.) - LEGACY_DRVNDDM O64 - Services: CurCS - (.not file.) - EraserUtilDrv10621 (EraserUtilDrv10621) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10621 O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - (.not file.) - Service de rapport d'erreurs (ERSvc) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\fltMgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) 
- LEGACY_GPC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - C:\Windows\system32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe - Administration IIS (IISADMIN) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_IISADMIN O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\WINDOWS\system32\moviemk.exe (.not file.) 
- Media Seriel Number Service (Media Seriel Number Service) .(.Pas de propriétaire - Pas de description.) - LEGACY_MEDIA_SERIEL_NUMBER_SERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Fournisseur de la prise en charge de sécurité LM NT (NtLmSsp) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NTLMSSP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe (.not file.) - Office Source Engine (ose) .(.Pas de propriétaire - Pas de description.) - LEGACY_OSE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PCIIDE.sys - PCIIde (PCIIde) .(.Pas de propriétaire - Pas de description.) 
- LEGACY_PCIIDE O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Accès à distance au Registre (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k rpcss (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_SCHEDULE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe - Simple Mail Transfer Protocol (SMTP) (SMTPSVC) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_SMTPSVC
O64 - Services: CurCS - C:\WINDOWS\System32\snmp.exe - Service SNMP (SNMP) .(.Microsoft Corporation - Service SNMP.) - LEGACY_SNMP
O64 - Services: CurCS - C:\WINDOWS\System32\snmptrap.exe - Service d'interruption SNMP (SNMPTRAP) .(.Microsoft Corporation - SNMP Trap Service.) - LEGACY_SNMPTRAP
O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV
O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - (.not file.)
- SRTSPX (SRTSPX) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRTSPX
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - C:\Windows\system32\drivers\ssrtln.sys - ssrtln (ssrtln) .(.Sonic Solutions - Shared Driver Component.) - LEGACY_SSRTLN
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS
O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEVENT
O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMFW
O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDS
O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDSCO
O64 - Services: CurCS - (.not file.) - SYMNDIS (SYMNDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMNDIS
O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.)
- LEGACY_TAPISRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost -k DComLaunch (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnboio.sys - tfsnboio (tfsnboio) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNBOIO
O64 - Services: CurCS - C:\Windows\system32\dla\tfsncofs.sys - tfsncofs (tfsncofs) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNCOFS
O64 - Services: CurCS - C:\Windows\system32\dla\tfsndrct.sys - tfsndrct (tfsndrct) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNDRCT
O64 - Services: CurCS - C:\Windows\system32\dla\tfsndres.sys - tfsndres (tfsndres) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNDRES
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnifs.sys - tfsnifs (tfsnifs) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNIFS
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnopio.sys - tfsnopio (tfsnopio) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNOPIO
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnpool.sys - tfsnpool (tfsnpool) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNPOOL
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnudf.sys - tfsnudf (tfsnudf) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNUDF
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnudfa.sys - tfsnudfa (tfsnudfa) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNUDFA
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.)
- LEGACY_THEMES
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME
O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe - Publication World Wide Web (W3SVC) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_W3SVC
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.)
- LEGACY_WUAUSERV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
O64 - Services: CurCS - (.not file.) - xcsrioplm (xcsrioplm) .(.Pas de propriétaire - Pas de description.) - LEGACY_XCSRIOPLM

---\\ Liste des fichiers non signés (LUF) (O65)
O65 - LUF:22/01/1999 (.Pas de propriétaire - msrtedit Module.) (1, 0, 0, 1) - c:\windows\system32\MSRTEDIT.DLL

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.)
-- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Explorer\iexplore.exe (.not file.)

---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (Yahoo! Search) - http://us.yhs.search.yahoo.com

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by xxx at 29/10/2010 09:30:19
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys
kernel: MBR read successfully
user & kernel MBR OK

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog
Run by xxx at 29/10/2010 09:31:55
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: 8637A6CD1F8DC55758E12C0B860CDE1133CA5719
Dump file Name : C:\Program Files\ZHPDiag\MBRDump_10-29-10_09-32-00_PhysicalDrive0.bin

---\\ Crack & Keygen Files (CKF) (O82)
C:\UsbFix\Quarantine\C\Documents and Settings\xxx\Mes documents\Zuma Deluxe\levels\tiltspiral\office_crack.rar.UsbFix
C:\UsbFix\Quarantine\C\Documents and Settings\xxx\Mes documents\Zuma Deluxe\levels\tiltspiral\office_crack.rar.UsbFix

---\\ Recherche des services démarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.)
-- C:\WINDOWS\System32\appmgmts.dll [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [111616]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\System32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) .
(.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [174080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [193024]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [246272]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) .
(.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [177664]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [359936]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\System32\advapi32.dll [685056]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [81408]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [382464]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38912]

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 0 | C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (AntiVirScheduler) . (.Pas de propriétaire.)
- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
SS - | Auto 0 | C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (AntiVirService) . (.Pas de propriétaire.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
SS - | Auto 0 | C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe (AntiVirUpgradeService) . (.Pas de propriétaire.) - C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe
SS - | Auto 0 | C:\WINDOWS\system32\BEDE66B8.exe (BBBBCB50) . (.Pas de propriétaire.) - C:\WINDOWS\system32\BEDE66B8.exe
SS - | Demand 19/08/2004 225280 | C:\WINDOWS\System32\dmadmin.exe (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 19/08/2004 0 | C:\WINDOWS\system32\moviemk.exe (Media Seriel Number Service) . (.Pas de propriétaire.) - C:\WINDOWS\system32\moviemk.exe
SS - | Demand 19/08/2004 0 | C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe (ose) . (.Pas de propriétaire.) - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe

End of the scan (1028 lines in 16mn 39s)(2)