Document format: text/plain

Rapport de ZHPDiag v1.22.06 par Nicolas Coolman, Update du 14/10/2010
Run by xxx at 29/10/2010 09:16:36
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox (3.6.8)

---\\ System Information
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
Processor: x86 Family 15 Model 4 Stepping 9, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 246 MB (14% free)
System drive C: has 69 GB (92%) free of 74 GB

---\\ Logged in mode
Computer Name: XXX-4FB7792C953
User Name: xxx
All Users Names: xxx, SUPPORT_388945a0, IWAM_XXX-4FB7792C953, IUSR_XXX-4FB7792C953, HelpAssistant, Administrateur,
Unselected Option: None
Logged in as Administrator

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 69 Go of 74 Go)
D:\ CD-ROM drive (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK


---\\ Processus lancés
[MD5.3677FE8F78ED0A5A31360BDE2CF4671A] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872]
[MD5.16713686A3C7FE73DDFC553EB4D21829] - (.Microsoft Corporation - Service SNMP.) -- C:\WINDOWS\System32\snmp.exe [33280]
[MD5.1F7A803D0E3BDEFB3EF59651A56F7BBD] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\WINDOWS\system32\CNAC3RPK.EXE [49215]
[MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]
[MD5.CBAC41ADDDD6D5C761CDDD2C015CEF2C] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [580096]


---\\ Page de démarrage de Mozilla Firefox (M0)
M0 - MFSP: prefs.js [xxx - k71vxa5z.default] www.google.fr


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = srv_proxy:8080


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (No version) -- %SystemRoot%\system32\shdocvw.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Pas de propriétaire - AcroIEHelper Module.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswshx.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (.not file.)
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1417001333-162531612-839522115-1003\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Reader 5.0.lnk . (.Pas de propriétaire.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Pas de propriétaire.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PowerDVD.lnk . (.Pas de propriétaire.) -- C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Pas de propriétaire.) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Pas de propriétaire.) -- C:\Program Files\Movie Maker\moviemk.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\xxx\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\xxx\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Pas de propriétaire.) -- C:\Program Files\Windows Media Player\wmplayer.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\xxx\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.not file.) - C:\Program Files\Messenger\msmsgs.exe


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpNameServer = 172.17.136.42
O17 - HKLM\System\CS1\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpNameServer = 172.17.136.42
O17 - HKLM\System\CS2\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpNameServer = 172.17.136.42
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpDomain = minecofor.gouv
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB5BAEE4-6089-41BB-954A-C21CC8282D82}: DhcpDomain = minecofor.gouv.ga
O17 - HKLM\System\CS1\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpDomain = minecofor.gouv
O17 - HKLM\System\CS1\Services\Tcpip\..\{CB5BAEE4-6089-41BB-954A-C21CC8282D82}: DhcpDomain = minecofor.gouv.ga
O17 - HKLM\System\CS2\Services\Tcpip\..\{7F5E4626-CACA-484A-B679-8DBFDD334181}: DhcpDomain = minecofor.gouv
O17 - HKLM\System\CS2\Services\Tcpip\..\{CB5BAEE4-6089-41BB-954A-C21CC8282D82}: DhcpDomain = minecofor.gouv.ga
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.136.42


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (.not file.)
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (.not file.)
O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe (.not file.)
O23 - Service: BBBBCB50 (BBBBCB50) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\BEDE66B8.exe (.not file.)
O23 - Service: Media Seriel Number Service (Media Seriel Number Service) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\moviemk.exe (.not file.)


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WGASetup.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- Rundll32 IEDKCS32.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf
O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf
O40 - ASIC: Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r88.) -- C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: avgio (avgio) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avipbb (avipbb) . (.AVIRA GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (sscdbhk5) . (.Sonic Solutions - Shared Driver Component.) - C:\Windows\system32\drivers\sscdbhk5.sys
O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (ssrtln) . (.Sonic Solutions - Shared Driver Component.) - C:\Windows\system32\drivers\ssrtln.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon LBP5200 - (.Pas de propriétaire.) [HKLM] -- Canon LBP5200
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20}
O42 - Logiciel: Intel(R) PRO Network Connections Drivers - (.Pas de propriétaire.) [HKLM] -- PROSet
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Mozilla Firefox (3.6.8) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.8)
O42 - Logiciel: PowerDVD 5.1 - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17}
O42 - Logiciel: Sonic Audio module - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
O42 - Logiciel: Sonic DLA - (.Sonic Solutions.) [HKLM] -- {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629}
O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205}
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: Zuma's Revenge! - (.AllSmartGames.) [HKLM] -- Zuma's Revenge!1.0

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Adobe]
[HKCU\Software\AlcorMicro]
[HKCU\Software\Avg]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cyberlink]
[HKCU\Software\Grisoft]
[HKCU\Software\Intel]
[HKCU\Software\InterTrust]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Sonic]
[HKCU\Software\SpinTop]
[HKCU\Software\Sysinternals]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKLM\Software\0]
[HKLM\Software\13fe]
[HKLM\Software\457]
[HKLM\Software\718]
[HKLM\Software\781]
[HKLM\Software\8ec]
[HKLM\Software\90c]
[HKLM\Software\ALWIL Software]
[HKLM\Software\Adobe]
[HKLM\Software\Avg]
[HKLM\Software\Avira]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Gemplus]
[HKLM\Software\Grisoft]
[HKLM\Software\INTEL]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Lake]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SigmaTel]
[HKLM\Software\Sonic]
[HKLM\Software\Swearware]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software
O43 - CFD:Common File Directory ---AD- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Grisoft
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\internet explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\SigmaTel
O43 - CFD:Common File Directory ----D- C:\Program Files\Sonic
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Zuma's Revenge!
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:11:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [26238]
O44 - LFC:[MD5.616E8D2B73D217CFA56E7BCEC5DE7942] - 29/10/2010 - 09:11:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982381.log [662]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/10/2010 - 09:10:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:10:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:10:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - 29/10/2010 - 09:10:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 29/10/2010 - 09:09:56 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.163E20CBCCEFCDD42F46E43A94173C46] - 29/10/2010 - 09:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\1.taz [126]
O44 - LFC:[MD5.09414976FE67DFDADB1DD4710B0E6B26] - 29/10/2010 - 09:06:39 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\zPharaoh.exe [155011]
O44 - LFC:[MD5.890E3861D951C0271F008A523FED4B34] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [969062]
O44 - LFC:[MD5.5CD95951821FFC10F39C32FEA7C756A3] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [63718]
O44 - LFC:[MD5.198CAE99CE6C707DC5644C40E539B581] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [75242]
O44 - LFC:[MD5.6AB47C1DE1911AAC29A26DBE5D664E98] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [378100]
O44 - LFC:[MD5.1A9B8558884EE3B83FC1283380CBDF90] - 29/10/2010 - 03:28:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [440496]
O44 - LFC:[MD5.4E7F23F36F8B2A21BD5B4189F499B15F] - 29/10/2010 - 03:24:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [228000]
O44 - LFC:[MD5.D0329F7C43444AE335396DF098780CD8] - 29/10/2010 - 03:03:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [6082]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 27/10/2010 - 15:48:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.B5B9633C87178555DE9C45E15B13EE1B] - 27/10/2010 - 15:48:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [689]
O44 - LFC:[MD5.C9C169A9E316B9C1B9F69D5C0110FC48] - 27/10/2010 - 15:47:48 ---A- . (.InstallShield Software Corporation - InstallShield® unInstaller.) -- C:\WINDOWS\IsUninst.exe [463215]
O44 - LFC:[MD5.683C2D47C73FC453D42BC79BFFA0A641] - 27/10/2010 - 15:47:48 ---A- . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\dla.exe [254887]
O44 - LFC:[MD5.6677A3492BD3F2ADD68D6AE8A7981499] - 27/10/2010 - 15:18:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [6416]
O44 - LFC:[MD5.CA8666B67F3DF8AC7A2C797EF3F0E4FF] - 27/10/2010 - 15:06:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wininit.ini [2788]
O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 27/10/2010 - 11:49:19 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 27/10/2010 - 11:49:15 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [19160]
O44 - LFC:[MD5.617E6127772068A0F5EC8351047809C3] - 27/10/2010 - 08:24:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2228]


---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.9D568F7837B3260E0CF9439D1A6BF9B3] - 26/10/2010 - 11:12:21 ---A- - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf
O45 - LFCP:[MD5.F8F49DDEFB2CBE974264AEA06A2BA8E5] - 27/10/2010 - 08:41:38 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
O45 - LFCP:[MD5.52DF8F08B5141EE38F5BCDD6D656C93D] - 27/10/2010 - 08:41:39 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
O45 - LFCP:[MD5.6AF0FD78B19BDC18E3126A8D899FEA54] - 27/10/2010 - 10:42:24 ---A- - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf
O45 - LFCP:[MD5.31968D6DB90825EB4236E43B5C44A5EF] - 27/10/2010 - 10:42:26 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf
O45 - LFCP:[MD5.ACDC9D1D4C3B6F55DF2F7F086E0A1701] - 27/10/2010 - 10:58:35 ---A- - C:\WINDOWS\Prefetch\OIS.EXE-33076924.pf
O45 - LFCP:[MD5.1AF4AE12B783713399A800D7F6BDD0BA] - 27/10/2010 - 12:29:30 ---A- - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
O45 - LFCP:[MD5.33386D5B774BE9654BEAA047A65534B0] - 27/10/2010 - 15:16:35 ---A- - C:\WINDOWS\Prefetch\ECHOX.EXE-0EC32D49.pf
O45 - LFCP:[MD5.2F6250C9032B43CE4DDF606EC0D257F9] - 27/10/2010 - 15:16:36 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
O45 - LFCP:[MD5.7B1B32060763497EEA09876013628626] - 27/10/2010 - 15:16:45 ---A- - C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf
O45 - LFCP:[MD5.BD5459EE5336DDEAD95F5096F2482BEE] - 27/10/2010 - 15:57:17 ---A- - C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:[MD5.70E2FCFBBA73BB762C76145F6AFC5956] - 27/10/2010 - 16:22:49 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:[MD5.F10FA96F62E1D74262E57DA6EC61A442] - 27/10/2010 - 16:25:46 ---A- - C:\WINDOWS\Prefetch\IGFXSRVC.EXE-2FB63FE8.pf
O45 - LFCP:[MD5.25FBBDBCFF1664FF80AFA1598B0BA9AD] - 28/10/2010 - 15:23:59 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
O45 - LFCP:[MD5.BCDE83F9B1CB484F2294E26E57F43D72] - 29/10/2010 - 03:00:19 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-3563ABE9.pf
O45 - LFCP:[MD5.57BBB5D5B0343216D79403885E62B185] - 29/10/2010 - 03:00:34 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0C56B398.pf
O45 - LFCP:[MD5.4728971D5A7989DCDB54A8A43BC808AD] - 29/10/2010 - 03:00:40 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0212FBB0.pf
O45 - LFCP:[MD5.347EA23BE50B834F222B8055659AF838] - 29/10/2010 - 03:00:46 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-218163BB.pf
O45 - LFCP:[MD5.8655994F9EEEDDB0A06DBBE56D647C83] - 29/10/2010 - 03:00:53 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-307B7330.pf
O45 - LFCP:[MD5.B834FB99456D8128F35D844869449440] - 29/10/2010 - 03:01:02 ---A- - C:\WINDOWS\Prefetch\WINDOWSXP-KB923789-X86-FRA.EX-27ADD321.pf
O45 - LFCP:[MD5.0250233A5888A8D2318D488738586ADF] - 29/10/2010 - 03:01:04 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0181CD10.pf
O45 - LFCP:[MD5.35199B2C7B2A7A1CDEE534D93F722765] - 29/10/2010 - 03:01:21 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-38086753.pf
O45 - LFCP:[MD5.ECC8CAC6E3F8990AEC21950D1F91835D] - 29/10/2010 - 03:01:36 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-24C17FF8.pf
O45 - LFCP:[MD5.7B9EDE79A2C948662A6BAC0E6ACCBD36] - 29/10/2010 - 03:01:45 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:[MD5.7B8091EBED46968764C69F2F46E70D52] - 29/10/2010 - 03:04:40 ---A- - C:\WINDOWS\Prefetch\UNREGMP2.EXE-07CACB61.pf
O45 - LFCP:[MD5.CBF539CBAF04DB37E7F41E916571940E] - 29/10/2010 - 03:05:19 ---A- - C:\WINDOWS\Prefetch\SPUPDSVC.EXE-21B36524.pf
O45 - LFCP:[MD5.12A1E221C4EB3EE79D6E74170D97EB37] - 29/10/2010 - 03:06:10 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0C76F2DD.pf
O45 - LFCP:[MD5.489E25DFEADF87F2FA794CBD28B64DC5] - 29/10/2010 - 03:06:16 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-06FDF3DD.pf
O45 - LFCP:[MD5.6F8BE149D7505B1651B70DCECFBC5563] - 29/10/2010 - 03:06:22 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-31262246.pf
O45 - LFCP:[MD5.B9525EEF10836B8D2BD6AFD75B6E4025] - 29/10/2010 - 03:06:28 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-33681E51.pf
O45 - LFCP:[MD5.55927D470F67A8CF811E1C328A06419F] - 29/10/2010 - 03:06:43 ---A- - C:\WINDOWS\Prefetch\WGASETUP.EXE-38108902.pf
O45 - LFCP:[MD5.BC067A5861B33105259DD6C72317EC63] - 29/10/2010 - 03:06:43 ---A- - C:\WINDOWS\Prefetch\WINDOWSXP-KB905474-FRA-X86.EX-296B25E8.pf
O45 - LFCP:[MD5.2EE8C94D9194885F28A778F22AC29529] - 29/10/2010 - 03:06:56 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-029C43FA.pf
O45 - LFCP:[MD5.94525F0E1EAD5FE8AD5B264BF1069D46] - 29/10/2010 - 03:07:01 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-36D1321E.pf
O45 - LFCP:[MD5.C7379FF9A7E1E89003D2578E57A0F159] - 29/10/2010 - 03:07:05 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B1DB1FC.pf
O45 - LFCP:[MD5.6E8F55CF00AB0B726DA9A78B7A6E284B] - 29/10/2010 - 03:07:08 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-21AC5B35.pf
O45 - LFCP:[MD5.8326A14BB5D0FB9FFC94C727456FFE6E] - 29/10/2010 - 03:07:14 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-162BB5AE.pf
O45 - LFCP:[MD5.ACE7403E604DD5BD785ABEE135713DB6] - 29/10/2010 - 03:07:19 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-28956928.pf
O45 - LFCP:[MD5.59B351B6B472600BA7099229E1247203] - 29/10/2010 - 03:07:26 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-1673E9BB.pf
O45 - LFCP:[MD5.836C65C8AB3EC9ACE01A8667A11CEF3B] - 29/10/2010 - 03:07:27 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-27D23DFC.pf
O45 - LFCP:[MD5.B9C35AE622628F87B7CA8BBB31E0BD5F] - 29/10/2010 - 03:07:31 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-38E6D1B9.pf
O45 - LFCP:[MD5.80BC1C10A9A372FB39E1F3647D5ACA7A] - 29/10/2010 - 03:07:46 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0894953D.pf
O45 - LFCP:[MD5.4684EA50AA2F994EDC52A95ED0B44A93] - 29/10/2010 - 03:07:52 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-3B446165.pf
O45 - LFCP:[MD5.266E0E72CCB2AFA0D888A70C251F5A23] - 29/10/2010 - 03:07:57 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-33D781FC.pf
O45 - LFCP:[MD5.F707A806F263B2E16686B927D093A755] - 29/10/2010 - 03:08:02 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-2C91257D.pf
O45 - LFCP:[MD5.4C83CE2B18EE07F73FB3B8007AAD1C29] - 29/10/2010 - 03:08:08 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-17F13F49.pf
O45 - LFCP:[MD5.22D42980587B2CF9AB547ADB2AF5A730] - 29/10/2010 - 03:08:13 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-11C8BD71.pf
O45 - LFCP:[MD5.CD8CCB4596E931A765881C1C88C61791] - 29/10/2010 - 03:08:18 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-3A70BCC5.pf
O45 - LFCP:[MD5.A88C24621F7C1E515CFBA06686C786D6] - 29/10/2010 - 03:08:24 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-2CDF45D7.pf
O45 - LFCP:[MD5.401CB9BB03484C9AE66B554AB70E01B6] - 29/10/2010 - 03:08:29 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-199FE423.pf
O45 - LFCP:[MD5.A3633DA35C7527CB6CAB794E52395E83] - 29/10/2010 - 03:23:46 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:[MD5.C1A4B7766BAFC86B90105BD39B4C84F1] - 29/10/2010 - 03:28:55 ---A- - C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf
O45 - LFCP:[MD5.119ECEE484184EEE8BB5D82DF5ABCC9C] - 29/10/2010 - 03:39:11 ---A- - C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:[MD5.AED5441EC0EE332BEF7DEBF0F5159FA7] - 29/10/2010 - 09:02:11 ---A- - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf
O45 - LFCP:[MD5.4846AB6D0F6F5514B041B3EDFA2FD51B] - 29/10/2010 - 09:06:49 ---A- - C:\WINDOWS\Prefetch\TAZEBAMA.DL_-1B94900B.pf
O45 - LFCP:[MD5.8E320C4488EAED66315DE69A33F40431] - 29/10/2010 - 09:06:54 ---A- - C:\WINDOWS\Prefetch\WINMINE.EXE-0A3838A4.pf
O45 - LFCP:[MD5.146F5D4E6E0DB1CA2E871FA73A2D7965] - 29/10/2010 - 09:06:56 ---A- - C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf
O45 - LFCP:[MD5.67C623B5A84EE41EC1F307748C607281] - 29/10/2010 - 09:07:27 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:[MD5.0FCF3A89A161FCAEE8300D6D19BA9FE7] - 29/10/2010 - 09:11:21 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.BE499D1C24C36B1E17A36DE2116F2116] - 29/10/2010 - 09:11:21 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:[MD5.2590491C00A833D450B22C7ADABEC4A1] - 29/10/2010 - 09:11:22 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:[MD5.3578D3A0F8A7B96B6FCC5A41BEE2395B] - 29/10/2010 - 09:11:30 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf
O45 - LFCP:[MD5.E499A181FAE8A46163D5AF84739C457F] - 29/10/2010 - 09:11:37 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-007DE6E8.pf
O45 - LFCP:[MD5.EB219236CFBB95B0A6458C5FE9FF30AA] - 29/10/2010 - 09:16:11 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-33D7733B.pf
O45 - LFCP:[MD5.39C1B982E5B0F018E3F9396C200B37F1] - 29/10/2010 - 09:16:11 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.TMP-2B793334.pf
O45 - LFCP:[MD5.5264D5CB089CE1D1616805886E54D0A6] - 29/10/2010 - 09:16:21 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll


---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\CNAC3RPK.EXE" [Enabled] .(.CANON INC. - Canon Advanced Printing Technology RPC Server Process.) -- C:\WINDOWS\system32\CNAC3RPK.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll


---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm


---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\command . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\mission OMI 2 001
O53 - SMSR:HKLM\...\startupreg\CTFMON.EXE [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\dla [Key] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswctrl.exe
O53 - SMSR:HKLM\...\startupreg\DrvMon.exe [Key] . (.Alcor Micro, Corp. - Drive Monitor.) -- C:\WINDOWS\system32\DrvMon.exe
O53 - SMSR:HKLM\...\startupreg\DVDLauncher [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
O53 - SMSR:HKLM\...\startupreg\igfxhkcmd [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\igfxpers [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\igfxtray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\MisVh55 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\inf\ MisVh55.exe


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewOnDrive"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogOff"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSetFolders"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=255
O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=255
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.675C16A3C1F8482F85EE4A97FC0DDE3D] - 19/08/2004 - 17:20:54 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys
O58 - SDL:[MD5.FEFF0EE6B3BCECE911B455C74304DE5C] - 09/08/2007 - 13:04:11 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys
O58 - SDL:[MD5.AB1B39C8C3279271757CA622C93C716B] - 18/07/2007 - 14:22:19 ---A- . (.Avira GmbH - Avira Antivir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys
O58 - SDL:[MD5.8B213DA82B559787DCEB41072A3D4C40] - 07/09/2007 - 12:05:19 ---A- . (.AVIRA GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys
O58 - SDL:[MD5.84853B3FD012251690570E9E7E43343F] - 13/12/2004 - 22:14:00 ---A- . (.Adaptec, Inc. - DELL CERC SATA1.5/6ch Miniport Driver.) -- C:\WINDOWS\system32\drivers\cercsr6.sys
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/09/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/09/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:[MD5.7C872FA5CE3147EC28DAF7AE7F76AB37] - 15/01/2003 - 09:43:52 ---A- . (.D-Link - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\dlkfet5b.sys
O58 - SDL:[MD5.24646242310499D75C6DB4B32768A3B3] - 02/02/2005 - 03:22:00 ---A- . (.Sonic Solutions - Device Driver.) -- C:\WINDOWS\system32\drivers\drvmcdb.sys
O58 - SDL:[MD5.2FF629C1C443E25D0149B9DFB77E43A8] - 23/12/2004 - 02:56:00 ---A- . (.Sonic Solutions - Device Driver Manager.) -- C:\WINDOWS\system32\drivers\drvnddm.sys
O58 - SDL:[MD5.95974E66D3DE4951D29E28E8BC0B644C] - 14/10/2004 - 16:30:46 ---A- . (.Intel Corporation - Intel(R) PRO/100 Adapter NDIS 5.1 driver.) -- C:\WINDOWS\system32\drivers\e100b325.sys
O58 - SDL:[MD5.E31363D186B3E1D7C4E9117884A6AEE5] - 12/08/2004 - 17:45:54 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0.) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys
O58 - SDL:[MD5.9131EDE087AF04A7D80F7EBADC164254] - 12/08/2004 - 17:45:52 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0.) -- C:\WINDOWS\system32\drivers\Hdaudio.sys
O58 - SDL:[MD5.9A883C3C4D91292C0D09DE7C728E781C] - 20/09/2005 - 11:00:54 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys
O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:[MD5.B7FB72492B753930EC70A0F49D04F12F] - 17/03/2006 - 01:51:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) IDE Performance Driver.) -- C:\WINDOWS\system32\drivers\NvAtaBus.sys
O58 - SDL:[MD5.4BC863E8FB65EBCFDDE04822CF875E76] - 17/03/2006 - 01:51:38 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\system32\drivers\nvraid.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/09/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.7C81AE3C9B82BA2DA437ED4D31BC56CF] - 26/01/2005 - 02:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/09/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:[MD5.D26E26EA516450AF9D072635C60387F4] - 17/07/2004 - 12:36:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.732D859B286DA692119F286B21A2A114] - 19/08/2004 - 17:20:54 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys
O58 - SDL:[MD5.1CBD1B58A32DE97899F5290B05F856DB] - 02/12/2004 - 11:04:20 ---A- . (.Sonic Solutions - Shared Driver Component.) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys
O58 - SDL:[MD5.3D2829FDE1C52FC64DA5413889CE4DEE] - 01/03/2007 - 10:34:36 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys
O58 - SDL:[MD5.7FB07AC152D7A87E66204860002BD9A4] - 02/12/2004 - 11:04:10 ---A- . (.Sonic Solutions - Shared Driver Component.) -- C:\WINDOWS\system32\drivers\ssrtln.sys
O58 - SDL:[MD5.26EB7ACF476A3461B85F5BCE9A677A4A] - 17/08/2005 - 14:41:08 ---A- . (.SigmaTel, Inc. - NDRC.) -- C:\WINDOWS\system32\drivers\sthda.sys
O58 - SDL:[MD5.1FD5249D5103125D2DA63F68D7BE1D35] - 17/11/2005 - 19:58:16 ---A- . (.LSI Logic - LSI Logic Fusion-MPT MiniPort Driver (ScsiPort).) -- C:\WINDOWS\system32\drivers\symmpi.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/09/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/09/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 23:46:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/09/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 23:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 23:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 23:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 23:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys


---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 27/10/2010 - 08:25:52 ---A- C:\Documents And Settings\xxx\Application Data\Microsoft\Office\OIS11.pip [428]
O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\All Users\Bureau\Mozilla Firefox.lnk [1602]
O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk [1636]
O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox\Mozilla Firefox.lnk [1614]
O61 - LFC:Last File Created 27/10/2010 - 10:36:24 ---A- C:\Documents And Settings\xxx\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [1620]
O61 - LFC:Last File Created 27/10/2010 - 10:36:41 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20100722155716 [10]
O61 - LFC:Last File Created 27/10/2010 - 10:36:51 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\compatibility.ini [187]
O61 - LFC:Last File Created 27/10/2010 - 10:36:51 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\profiles.ini [111]
O61 - LFC:Last File Created 27/10/2010 - 10:36:53 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\permissions.sqlite [2048]
O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\extensions.cache [106]
O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\extensions.ini [125]
O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\extensions.rdf [1179]
O61 - LFC:Last File Created 27/10/2010 - 10:36:54 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\xpti.dat [101881]
O61 - LFC:Last File Created 27/10/2010 - 10:36:55 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\compreg.dat [147476]
O61 - LFC:Last File Created 27/10/2010 - 10:37:01 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\search.json [11719]
O61 - LFC:Last File Created 27/10/2010 - 10:37:01 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\search.sqlite [2048]
O61 - LFC:Last File Created 27/10/2010 - 10:37:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\secmod.db [16384]
O61 - LFC:Last File Created 27/10/2010 - 10:37:05 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\content-prefs.sqlite [7168]
O61 - LFC:Last File Created 27/10/2010 - 10:37:10 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\mimeTypes.rdf [3360]
O61 - LFC:Last File Created 27/10/2010 - 10:37:11 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\pluginreg.dat [452]
O61 - LFC:Last File Created 27/10/2010 - 10:40:28 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\bookmarkbackups\bookmarks-2010-10-27.json [4319]
O61 - LFC:Last File Created 27/10/2010 - 10:40:29 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\OfflineCache\index.sqlite [10240]
O61 - LFC:Last File Created 27/10/2010 - 10:47:38 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\signons.sqlite [11264]
O61 - LFC:Last File Created 27/10/2010 - 10:55:29 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\XUL.mfl [1211644]
O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Bureau\CCleaner.lnk [682]
O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Menu Démarrer\Programmes\CCleaner\CCleaner Homepage.url [74]
O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Menu Démarrer\Programmes\CCleaner\CCleaner.lnk [694]
O61 - LFC:Last File Created 27/10/2010 - 10:56:15 ---A- C:\Documents And Settings\xxx\Menu Démarrer\Programmes\CCleaner\Uninstall CCleaner.lnk [507]
O61 - LFC:Last File Created 27/10/2010 - 10:57:46 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\mbam-setup-1.46.exe [0]
O61 - LFC:Last File Created 27/10/2010 - 11:23:46 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\mbam-setup-1.46.exe.part [6153352]
O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [696]
O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Désinstaller Malwarebytes' Anti-Malware.lnk [732]
O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware Help.lnk [708]
O61 - LFC:Last File Created 27/10/2010 - 11:49:21 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware.lnk [708]
O61 - LFC:Last File Created 27/10/2010 - 11:49:34 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\ignore.dat [0]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.21251 [91]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.24927 [104]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.39714 [117]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.44255 [120]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.71825 [103]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.85325 [87]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.89589 [106]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.93892 [120]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP2.95820 [77]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.21251 [32768]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.24927 [591215]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.39714 [11416]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.44255 [177]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.71825 [591215]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85325 [32768]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89589 [591215]
O61 - LFC:Last File Created 27/10/2010 - 13:14:41 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.93892 [264047]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.14833 [82]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.24969 [83]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.40302 [63]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.45609 [142]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.78057 [75]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.82088 [87]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.87720 [64]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.88742 [79]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.97815 [71]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.17583 [171]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.39707 [210]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.47787 [215]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.74487 [170]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.74494 [167]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.76347 [146]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.86251 [145]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP5.18650 [189]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP5.56329 [161]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP5.98238 [227]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.14833 [591215]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.24969 [154751]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.40302 [126]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.45609 [534895]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78057 [0]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.82088 [154751]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.87720 [154911]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.88742 [678]
O61 - LFC:Last File Created 27/10/2010 - 13:14:42 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.97815 [591215]
O61 - LFC:Last File Created 27/10/2010 - 13:14:50 ---A- C:\Documents And Settings\xxx\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-27 (13-14-50).txt [4340]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.23557 [87]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.48086 [63]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.49371 [87]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.83239 [64]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.14148 [188]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.68227 [186]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.23557 [154751]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.48086 [126]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.49371 [32768]
O61 - LFC:Last File Created 27/10/2010 - 14:21:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.83239 [155421]
O61 - LFC:Last File Created 27/10/2010 - 14:22:03 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-27 (14-22-03).txt [1419]
O61 - LFC:Last File Created 27/10/2010 - 14:28:28 ---A- C:\Documents And Settings\xxx\Application Data\Microsoft\OIS\Toolbars.dat [723]
O61 - LFC:Last File Created 27/10/2010 - 14:53:48 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Microsoft\Outlook\Outlook.pst [38618112]
O61 - LFC:Last File Created 27/10/2010 - 15:38:59 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\mfaurlconf.ini [798]
O61 - LFC:Last File Created 27/10/2010 - 15:39:01 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\pack\avg10infoavi.ctf [2001]
O61 - LFC:Last File Created 27/10/2010 - 15:39:05 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\pack\avg10infowin.ctf [17172]
O61 - LFC:Last File Created 27/10/2010 - 15:39:06 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\pack\avg10infooi.ctf [1615]
O61 - LFC:Last File Created 27/10/2010 - 15:40:17 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\bins\f10mfa1152ux.bin [3210319]
O61 - LFC:Last File Created 27/10/2010 - 15:43:51 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\logs\mfa-20101027-144347.log [11248]
O61 - LFC:Last File Created 27/10/2010 - 15:47:11 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\bins\f10upd1152mp.bin.partial [2366383]
O61 - LFC:Last File Created 27/10/2010 - 15:47:39 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\logs\mfa-20101027-143857.log [113634]
O61 - LFC:Last File Created 27/10/2010 - 15:51:39 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\avgmfapx.exe [3294415]
O61 - LFC:Last File Created 27/10/2010 - 15:51:39 ---A- C:\Documents And Settings\All Users\Application Data\MFAData\SelfUpd\avgrunasx.exe [393935]
O61 - LFC:Last File Created 27/10/2010 - 16:02:01 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\avg_free_stb_eu_2011_1144.exe [4450887]
O61 - LFC:Last File Created 27/10/2010 - 16:02:59 ---A- C:\Documents And Settings\xxx\Application Data\tazebama\tazebama.log [27]
O61 - LFC:Last File Created 27/10/2010 - 16:04:53 ---A- C:\Documents And Settings\Administrateur\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 27/10/2010 - 16:08:53 ---A- C:\Documents And Settings\Administrateur\Cookies\index.dat [32768]
O61 - LFC:Last File Created 27/10/2010 - 16:08:53 ---A- C:\Documents And Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat [32768]
O61 - LFC:Last File Created 27/10/2010 - 16:14:08 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20100722155716 [10]
O61 - LFC:Last File Created 27/10/2010 - 16:14:11 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\profiles.ini [111]
O61 - LFC:Last File Created 27/10/2010 - 16:14:12 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\compatibility.ini [187]
O61 - LFC:Last File Created 27/10/2010 - 16:14:17 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\permissions.sqlite [2048]
O61 - LFC:Last File Created 27/10/2010 - 16:14:18 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\extensions.cache [106]
O61 - LFC:Last File Created 27/10/2010 - 16:14:18 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\extensions.ini [125]
O61 - LFC:Last File Created 27/10/2010 - 16:14:18 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\extensions.rdf [1179]
O61 - LFC:Last File Created 27/10/2010 - 16:14:19 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\compreg.dat [147476]
O61 - LFC:Last File Created 27/10/2010 - 16:14:19 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\xpti.dat [101881]
O61 - LFC:Last File Created 27/10/2010 - 16:14:22 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\places.sqlite [135168]
O61 - LFC:Last File Created 27/10/2010 - 16:14:25 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\formhistory.sqlite [4096]
O61 - LFC:Last File Created 27/10/2010 - 16:14:25 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\search.json [11719]
O61 - LFC:Last File Created 27/10/2010 - 16:14:25 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\search.sqlite [2048]
O61 - LFC:Last File Created 27/10/2010 - 16:14:26 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\cookies.sqlite [2048]
O61 - LFC:Last File Created 27/10/2010 - 16:14:27 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\secmod.db [16384]
O61 - LFC:Last File Created 27/10/2010 - 16:14:29 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\content-prefs.sqlite [7168]
O61 - LFC:Last File Created 27/10/2010 - 16:14:32 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\mimeTypes.rdf [3360]
O61 - LFC:Last File Created 27/10/2010 - 16:14:32 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\pluginreg.dat [452]
O61 - LFC:Last File Created 27/10/2010 - 16:14:32 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\XUL.mfl [1013764]
O61 - LFC:Last File Created 27/10/2010 - 16:14:34 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\XPC.mfl [2336220]
O61 - LFC:Last File Created 27/10/2010 - 16:15:28 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\localstore.rdf [569]
O61 - LFC:Last File Created 27/10/2010 - 16:16:01 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\prefs.js [1070]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\bookmarkbackups\bookmarks-2010-10-27.json [4131]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\cert8.db [65536]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\key3.db [16384]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\places.sqlite-journal [0]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_001_ [4096]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_002_ [4096]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_003_ [4096]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\Cache\_CACHE_MAP_ [8468]
O61 - LFC:Last File Created 27/10/2010 - 16:16:02 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\4r8h58wr.default\urlclassifier3.sqlite [32768]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.36286 [114]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.50770 [64]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.78357 [83]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.84260 [87]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.89065 [117]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.95591 [87]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.36286 [32768]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.50770 [155031]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78357 [154751]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.84260 [154751]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89065 [1091]
O61 - LFC:Last File Created 27/10/2010 - 16:19:47 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.95591 [32768]
O61 - LFC:Last File Created 27/10/2010 - 16:19:50 ---A- C:\Documents And Settings\Administrateur\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-27 (16-19-50).txt [1458]
O61 - LFC:Last File Created 27/10/2010 - 16:20:02 --HA- C:\Documents And Settings\Administrateur\Local Settings\Application Data\IconCache.db [2656656]
O61 - LFC:Last File Created 27/10/2010 - 16:20:04 ---A- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024]
O61 - LFC:Last File Created 27/10/2010 - 16:20:04 ---A- C:\Documents And Settings\Administrateur\NTUSER.DAT [786432]
O61 - LFC:Last File Created 27/10/2010 - 16:20:04 ---A- C:\Documents And Settings\Administrateur\ntuser.dat.LOG [1024]
O61 - LFC:Last File Created 27/10/2010 - 16:20:04 -SHA- C:\Documents And Settings\Administrateur\ntuser.ini [184]
O61 - LFC:Last File Created 28/10/2010 - 08:44:02 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\HJTInstall.exe [812344]
O61 - LFC:Last File Created 28/10/2010 - 08:44:51 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk [1746]
O61 - LFC:Last File Created 28/10/2010 - 08:44:51 ---A- C:\Documents And Settings\xxx\Bureau\HijackThis.lnk [1734]
O61 - LFC:Last File Created 28/10/2010 - 10:30:59 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\RSIT.exe [339991]
O61 - LFC:Last File Created 28/10/2010 - 11:01:38 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\XPC.mfl [2407028]
O61 - LFC:Last File Created 28/10/2010 - 12:32:29 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\bookmarkbackups\bookmarks-2010-10-28.json [4308]
O61 - LFC:Last File Created 29/10/2010 - 03:23:42 -SH-- C:\Documents And Settings\xxx\ntuser.ini [284]
O61 - LFC:Last File Created 29/10/2010 - 09:06:39 ---A- C:\Documents And Settings\tazebama.dl_ [154751]
O61 - LFC:Last File Created 29/10/2010 - 09:06:44 ---A- C:\Documents And Settings\tazebama.dll [32768]
O61 - LFC:Last File Created 29/10/2010 - 09:06:47 ---A- C:\Documents And Settings\hook.dl_ [154751]
O61 - LFC:Last File Created 29/10/2010 - 09:07:27 ---A- C:\Documents And Settings\xxx\Application Data\tazebama\zPharaoh.dat [24]
O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\cert8.db [65536]
O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\key3.db [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\localstore.rdf [1799]
O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\prefs.js [1874]
O61 - LFC:Last File Created 29/10/2010 - 09:08:03 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\urlclassifier3.sqlite [36089856]
O61 - LFC:Last File Created 29/10/2010 - 09:09:57 ---A- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 29/10/2010 - 09:09:58 ---A- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 29/10/2010 - 09:09:59 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:09:59 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:09:59 -SHA- C:\Documents And Settings\xxx\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 29/10/2010 - 09:10:01 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\cookies.sqlite [10240]
O61 - LFC:Last File Created 29/10/2010 - 09:10:01 -SHA- C:\Documents And Settings\xxx\Recent\Desktop.ini [150]
O61 - LFC:Last File Created 29/10/2010 - 09:10:07 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:10:07 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:10:11 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\schema.ini [4334]
O61 - LFC:Last File Created 29/10/2010 - 09:11:32 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_001_ [173324]
O61 - LFC:Last File Created 29/10/2010 - 09:11:32 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_002_ [228503]
O61 - LFC:Last File Created 29/10/2010 - 09:11:32 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_003_ [390403]
O61 - LFC:Last File Created 29/10/2010 - 09:11:33 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [4232]
O61 - LFC:Last File Created 29/10/2010 - 09:11:33 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [4617]
O61 - LFC:Last File Created 29/10/2010 - 09:11:33 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\_CACHE_MAP_ [276]
O61 - LFC:Last File Created 29/10/2010 - 09:11:34 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\urlclassifierkey3.txt [154]
O61 - LFC:Last File Created 29/10/2010 - 09:11:39 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\7C9D1634d01 [29529]
O61 - LFC:Last File Created 29/10/2010 - 09:11:39 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\B10AB35Ed01 [29390]
O61 - LFC:Last File Created 29/10/2010 - 09:11:43 ----- C:\Documents And Settings\xxx\Cookies\index.dat [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:11:43 ----- C:\Documents And Settings\xxx\Local Settings\Historique\History.IE5\index.dat [16384]
O61 - LFC:Last File Created 29/10/2010 - 09:12:08 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\0233417Ed01 [39410]
O61 - LFC:Last File Created 29/10/2010 - 09:12:09 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\30FED4FBd01 [23219]
O61 - LFC:Last File Created 29/10/2010 - 09:12:14 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\E6B43658d01 [36624]
O61 - LFC:Last File Created 29/10/2010 - 09:12:15 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\7EB22E25d01 [25914]
O61 - LFC:Last File Created 29/10/2010 - 09:12:15 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\C645F108d01 [32779]
O61 - LFC:Last File Created 29/10/2010 - 09:12:18 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\cookies.sqlite-journal [3608]
O61 - LFC:Last File Created 29/10/2010 - 09:12:26 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\524B4514d01 [82151]
O61 - LFC:Last File Created 29/10/2010 - 09:12:30 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\011746F5d01 [20057]
O61 - LFC:Last File Created 29/10/2010 - 09:12:50 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\BB86F350d01 [18094]
O61 - LFC:Last File Created 29/10/2010 - 09:12:51 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\2ECE5B63d01 [16941]
O61 - LFC:Last File Created 29/10/2010 - 09:12:52 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\E7D06A9Ed01 [23631]
O61 - LFC:Last File Created 29/10/2010 - 09:13:18 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\13270FD1d01 [22764]
O61 - LFC:Last File Created 29/10/2010 - 09:13:19 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\E95D9AF6d01 [52028]
O61 - LFC:Last File Created 29/10/2010 - 09:13:37 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\formhistory.sqlite [4096]
O61 - LFC:Last File Created 29/10/2010 - 09:13:51 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\B06F26F9d01 [112173]
O61 - LFC:Last File Created 29/10/2010 - 09:13:58 ---A- C:\Documents And Settings\xxx\Local Settings\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\Cache\D03AE71Bd01 [86805]
O61 - LFC:Last File Created 29/10/2010 - 09:14:28 -SH-- C:\Documents And Settings\xxx\Local Settings\Temporary Internet Files\desktop.ini [67]
O61 - LFC:Last File Created 29/10/2010 - 09:14:39 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\sessionstore.js [7604]
O61 - LFC:Last File Created 29/10/2010 - 09:15:27 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\downloads.sqlite [2048]
O61 - LFC:Last File Created 29/10/2010 - 09:15:27 ---A- C:\Documents And Settings\xxx\Mes documents\Downloads\ZHPDiag.exe [2165488]
O61 - LFC:Last File Created 29/10/2010 - 09:15:40 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\places.sqlite [188416]
O61 - LFC:Last File Created 29/10/2010 - 09:15:40 ---A- C:\Documents And Settings\xxx\Application Data\Mozilla\Firefox\Profiles\k71vxa5z.default\places.sqlite-journal [0]
O61 - LFC:Last File Created 29/10/2010 - 09:16:10 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\ZHP\ZHPDiag.lnk [439]


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: RSIT - (.random/random.)


---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(.Pas de propriétaire - Pas de description.) - LEGACY_AAVMKER4
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (.not file.) - AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSCHEDULER
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (.not file.) - AntiVir PersonalEdition Classic Guard (AntiVirService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe (.not file.) - Avira Upgrade Service (AntiVirUpgradeService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRUPGRADESERVICE
O64 - Services: CurCS - (.not file.) - avast! Standard Shield Support (aswMon2) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMON2
O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR
O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - (.not file.) - AVG7 Wrap Driver (Avg7RsW) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG7RSW
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (.not file.) - avgio (avgio) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGIO
O64 - Services: CurCS - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (.not file.) - avgntflt (avgntflt) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - (.not file.) - AVG Free Network Redirector (AvgTdiX) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGTDIX
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.AVIRA GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB
O64 - Services: CurCS - C:\WINDOWS\system32\BEDE66B8.exe (.not file.) - BBBBCB50 (BBBBCB50) .(.Pas de propriétaire - Pas de description.) - LEGACY_BBBBCB50
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS
O64 - Services: CurCS - C:\WINDOWS\system32\dllhost.exe - Application système COM+ (COMSysApp) .(.Microsoft Corporation - COM Surrogate.) - LEGACY_COMSYSAPP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k DcomLaunch (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - (.not file.) - dhfyvk (dhfyvk) .(.Pas de propriétaire - Pas de description.) - LEGACY_DHFYVK
O64 - Services: CurCS - C:\Windows\system32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\DMLOAD.sys - dmload (dmload) .(.Pas de propriétaire - Pas de description.) - LEGACY_DMLOAD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - C:\Windows\system32\drivers\drvnddm.sys - drvnddm (drvnddm) .(.Sonic Solutions - Device Driver Manager.) - LEGACY_DRVNDDM
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10621 (EraserUtilDrv10621) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10621
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - (.not file.) - Service de rapport d'erreurs (ERSvc) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\fltMgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - C:\Windows\system32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe - Administration IIS (IISADMIN) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_IISADMIN
O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
O64 - Services: CurCS - C:\WINDOWS\system32\moviemk.exe (.not file.) - Media Seriel Number Service (Media Seriel Number Service) .(.Pas de propriétaire - Pas de description.) - LEGACY_MEDIA_SERIEL_NUMBER_SERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS
O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP
O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Fournisseur de la prise en charge de sécurité LM NT (NtLmSsp) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NTLMSSP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe (.not file.) - Office Source Engine (ose) .(.Pas de propriétaire - Pas de description.) - LEGACY_OSE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PCIIDE.sys - PCIIde (PCIIde) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCIIDE
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Accès à distance au Registre (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY
O64 - Services: CurCS - C:\WINDOWS\system32\svchost -k rpcss (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe - Simple Mail Transfer Protocol (SMTP) (SMTPSVC) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_SMTPSVC
O64 - Services: CurCS - C:\WINDOWS\System32\snmp.exe - Service SNMP (SNMP) .(.Microsoft Corporation - Service SNMP.) - LEGACY_SNMP
O64 - Services: CurCS - C:\WINDOWS\System32\snmptrap.exe - Service d'interruption SNMP (SNMPTRAP) .(.Microsoft Corporation - SNMP Trap Service.) - LEGACY_SNMPTRAP
O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV
O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - (.not file.) - SRTSPX (SRTSPX) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRTSPX
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - C:\Windows\system32\drivers\ssrtln.sys - ssrtln (ssrtln) .(.Sonic Solutions - Shared Driver Component.) - LEGACY_SSRTLN
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS
O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEVENT
O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMFW
O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDS
O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDSCO
O64 - Services: CurCS - (.not file.) - SYMNDIS (SYMNDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMNDIS
O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost -k DComLaunch (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnboio.sys - tfsnboio (tfsnboio) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNBOIO
O64 - Services: CurCS - C:\Windows\system32\dla\tfsncofs.sys - tfsncofs (tfsncofs) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNCOFS
O64 - Services: CurCS - C:\Windows\system32\dla\tfsndrct.sys - tfsndrct (tfsndrct) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNDRCT
O64 - Services: CurCS - C:\Windows\system32\dla\tfsndres.sys - tfsndres (tfsndres) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNDRES
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnifs.sys - tfsnifs (tfsnifs) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNIFS
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnopio.sys - tfsnopio (tfsnopio) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNOPIO
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnpool.sys - tfsnpool (tfsnpool) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNPOOL
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnudf.sys - tfsnudf (tfsnudf) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNUDF
O64 - Services: CurCS - C:\Windows\system32\dla\tfsnudfa.sys - tfsnudfa (tfsnudfa) .(.Sonic Solutions - Drive Letter Access Component.) - LEGACY_TFSNUDFA
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME
O64 - Services: CurCS - C:\WINDOWS\system32\inetsrv\inetinfo.exe - Publication World Wide Web (W3SVC) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_W3SVC
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
O64 - Services: CurCS - (.not file.) - xcsrioplm (xcsrioplm) .(.Pas de propriétaire - Pas de description.) - LEGACY_XCSRIOPLM


---\\ Liste des fichiers non signés (LUF) (O65)
O65 - LUF:22/01/1999 (.Pas de propriétaire - msrtedit Module.) (1, 0, 0, 1) - c:\windows\system32\MSRTEDIT.DLL


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Explorer\iexplore.exe (.not file.)


---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (Yahoo! Search) - http://us.yhs.search.yahoo.com


---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by xxx at 29/10/2010 09:30:19
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys
kernel: MBR read successfully
user & kernel MBR OK


---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog
Run by xxx at 29/10/2010 09:31:55
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: 8637A6CD1F8DC55758E12C0B860CDE1133CA5719
Dump file Name : C:\Program Files\ZHPDiag\MBRDump_10-29-10_09-32-00_PhysicalDrive0.bin


---\\ Crack & Keygen Files (CKF) (O82)
C:\UsbFix\Quarantine\C\Documents and Settings\xxx\Mes documents\Zuma Deluxe\levels\tiltspiral\office_crack.rar.UsbFix
C:\UsbFix\Quarantine\C\Documents and Settings\xxx\Mes documents\Zuma Deluxe\levels\tiltspiral\office_crack.rar.UsbFix


---\\ Recherche des services démarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\System32\appmgmts.dll [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [111616]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\System32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [174080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [193024]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [246272]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [177664]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [359936]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\System32\advapi32.dll [685056]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [81408]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [382464]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38912]


---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 0 | C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (AntiVirScheduler) . (.Pas de propriétaire.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
SS - | Auto 0 | C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (AntiVirService) . (.Pas de propriétaire.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
SS - | Auto 0 | C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe (AntiVirUpgradeService) . (.Pas de propriétaire.) - C:\WINDOWS\TEMP\AVSETUP_4cc8445c\avupgsvc.exe
SS - | Auto 0 | C:\WINDOWS\system32\BEDE66B8.exe (BBBBCB50) . (.Pas de propriétaire.) - C:\WINDOWS\system32\BEDE66B8.exe
SS - | Demand 19/08/2004 225280 | C:\WINDOWS\System32\dmadmin.exe (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 19/08/2004 0 | C:\WINDOWS\system32\moviemk.exe (Media Seriel Number Service) . (.Pas de propriétaire.) - C:\WINDOWS\system32\moviemk.exe
SS - | Demand 19/08/2004 0 | C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe (ose) . (.Pas de propriétaire.) - C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.exe



End of the scan (1028 lines in 16mn 39s)(2)
