RiamMy

Membres

Afficher le profil Afficher son activité

Compteur de contenus
4
Inscription
le 17 mai 2009
Dernière visite
le 10 juin 2009

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par RiamMy

lecture d'un log HiJack This

RiamMy a répondu à un(e) sujet de RiamMy dans Analyses et éradication malwares

bonjour GOF, moi aussi, j'ai été AFK comme disent mes garçons !! Mon PC rame moins en effet. J'ai néanmoins besoin de relancer régulièrement Outlook car il a du mal à aller récupérer les mails des webmails (j'ai au moins 5 adresses mail chez différents FAI) Je vérifie la taille du fichier PST d'outlook qui est loin des 2Mo, car j'en ai crée plusieurs et archive mes mails dans différents pst. Je ne pense pas que ce ralentissement vienne de ça. Quand je tente la synchronisation, rien ne se passe. Alors je quitte outlook et le relance. Dans le meilleur des cas, mes mails descendent. Sinon je reboote la machine. Mais je n'arrive pas à déceler l'origine. Concernant le Keylogger, c'est en effet moi qui l'ai installé sur mon pc et celui de mon ex. Je te laisse imaginer le reste. j'aurais une question concernant Firefox : est ce que le fait de lancer plusieurs fenêtres Firefox, et dans chacune des fenêtres plusieurs onglets peut être la cause d'un ralentissement ? merci bcp Gof à bientôt Myriam
- le 4 juin 2009
- 7 réponses
lecture d'un log HiJack This

RiamMy a répondu à un(e) sujet de RiamMy dans Analyses et éradication malwares

bonjour GOF voilà l'analyse ZHPDiag. Rapport de ZHPDiag v1.21 par Nicolas Coolman Enregistré le 27/05/2009 09:48:59 Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 MSIE: Internet Explorer v6.0.2900.5512 MFIE: Mozilla Firefox (3.0.10) ---\\ Processus lancés C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\services.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\lsass.exe C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\system32\spoolsv.exe ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: 1 - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data="1" O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe O4 - Global Startup: Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO O9 - Extra 'Tools' menuitem: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aimres.dll,144 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302 O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aimres.dll,144 O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302 ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc3.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1127599027577 O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} () - http://v4.windowsupdate.microsoft.com/CAB/...9243.0333912037 O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiStartupEvent - C:\WINDOWS\System32\Ati2evxx.dll O20 - Winlogon Notify: AvgStartup - C:\WINDOWS\System32\avgrsstx.dll O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: (Ati HotKey Poller) - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Machine Debug Manager (MDM) - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE O40 - ASIC: Viewpoint Media Player - {03F998B2-0E00-11D3-A498-00104B6EB52E} - C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream_0302021C_.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file) O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file) O40 - ASIC: Viewpoint Media Player - {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream_0302021C_.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - C:\WINDOWS\system32\danim.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file) O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file) O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file) O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file) O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file) O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file) O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file) O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file) O40 - ASIC: Outils d'installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file) O40 - ASIC: Web Folders - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file) O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install O40 - ASIC: KB896727 - {82ced0ff-a00d-4405-ba5f-ef4699159333} - (not file) O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file) O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {91412397-929E-5C34-E354-AC3451D2B198} - (not file) O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file) O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file) O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file) O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file) O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file) O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file) O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys O41 - Driver: Filtre de bus AGP Intel (agp440) - C:\WINDOWS\System32\DRIVERS\agp440.sys O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\System32\DRIVERS\asyncmac.sys O41 - Driver: (no object) (ati2mtag) - C:\WINDOWS\System32\DRIVERS\ati2mtag.sys O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\System32\DRIVERS\atmarpc.sys O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\System32\DRIVERS\audstub.sys O41 - Driver: AVG Free AVI Loader Driver x86 (AvgLdx86) - C:\WINDOWS\System32\Drivers\avgldx86.sys O41 - Driver: AVG Free On-access Scanner Minifilter Driver x86 (AvgMfx86) - C:\WINDOWS\System32\Drivers\avgmfx86.sys O41 - Driver: AVG Free8 Network Redirector (AvgTdiX) - C:\WINDOWS\System32\Drivers\avgtdix.sys O41 - Driver: Broadcom 570x Gigabit Integrated Controller (b57w2k) - C:\WINDOWS\System32\DRIVERS\b57xp32.sys O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys O41 - Driver: Pilote pour Batterie à méthode de contrôle ACPI Microsoft (CmBatt) - C:\WINDOWS\System32\DRIVERS\CmBatt.sys O41 - Driver: Pilote de batterie composite Microsoft (Compbatt) - C:\WINDOWS\System32\DRIVERS\compbatt.sys O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys O41 - Driver: GEARAspiWDM (GEARAspiWDM) - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\System32\DRIVERS\msgpc.sys O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\System32\DRIVERS\hidusb.sys O41 - Driver: (no object) (HSFHWICH) - C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys O41 - Driver: (no object) (HSF_DPV) - C:\WINDOWS\System32\DRIVERS\HSF_DPV.SYS O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\System32\DRIVERS\intelppm.sys O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\System32\DRIVERS\ipinip.sys O41 - Driver: Traducteur d'adresses réseau IP (IpNat) - C:\WINDOWS\System32\DRIVERS\ipnat.sys O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\System32\DRIVERS\irenum.sys O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys O41 - Driver: (no object) (mdmxsdk) - C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\System32\DRIVERS\mouhid.sys O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\System32\DRIVERS\mrxdav.sys O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\System32\DRIVERS\mssmbios.sys O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\System32\DRIVERS\ndistapi.sys O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\System32\DRIVERS\ndisuio.sys O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\System32\DRIVERS\ndiswan.sys O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys O41 - Driver: O2Micro SmartCardBus Reader (O2SCBUS) - C:\WINDOWS\System32\DRIVERS\ozscr.sys O41 - Driver: (no object) (PalmUSBD) - C:\WINDOWS\system32\drivers\PalmUSBD.sys O41 - Driver: Volume Adapter (pepifilter) - C:\WINDOWS\system32\DRIVERS\lv302af.sys O41 - Driver: QuickCam IM(PID_08A0) (PID_08A0) - C:\WINDOWS\system32\DRIVERS\LV302AV.SYS O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\System32\DRIVERS\raspptp.sys O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\System32\DRIVERS\psched.sys O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\System32\DRIVERS\ptilink.sys O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\System32\DRIVERS\raspppoe.sys O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\System32\DRIVERS\raspti.sys O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: Sony Ericsson Device 046 Driver driver (WDM) (SE2Ebus) - C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys O41 - Driver: Sony Ericsson Device 046 USB WMC Modem Filter (SE2Emdfl) - C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys O41 - Driver: Sony Ericsson Device 046 USB WMC Modem Driver (SE2Emdm) - C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys O41 - Driver: Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM) (SE2Emgmt) - C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys O41 - Driver: Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS) (se2End5) - C:\WINDOWS\system32\DRIVERS\se2End5.sys O41 - Driver: Sony Ericsson Device 046 USB WMC OBEX Interface (SE2Eobex) - C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys O41 - Driver: Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM) (se2Eunic) - C:\WINDOWS\system32\DRIVERS\se2Eunic.sys O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\System32\DRIVERS\secdrv.sys O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\System32\DRIVERS\serenum.sys O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys O41 - Driver: (no object) (sptd) - C:\WINDOWS\System32\Drivers\sptd.sys O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\System32\DRIVERS\sr.sys O41 - Driver: Srv (Srv) - C:\WINDOWS\System32\DRIVERS\srv.sys O41 - Driver: Audio Driver (WDM) - SigmaTel CODEC (STAC97) - C:\WINDOWS\system32\drivers\stac97.sys O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\System32\DRIVERS\swenum.sys O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: truecrypt (truecrypt) - C:\WINDOWS\system32\Drivers\truecrypt.sys O41 - Driver: Conexant Setup API (UIUSys) - C:\WINDOWS\system32\drivers\UIUSys.sys O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\System32\DRIVERS\update.sys O41 - Driver: Pilote USB audio (WDM) (usbaudio) - C:\WINDOWS\system32\drivers\usbaudio.sys O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys O41 - Driver: Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft (usbehci) - C:\WINDOWS\System32\DRIVERS\usbehci.sys O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\System32\DRIVERS\usbhub.sys O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\System32\DRIVERS\usbuhci.sys O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\System32\DRIVERS\wanarp.sys O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys O41 - Driver: (no object) (winachsf) - C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) - C:\WINDOWS\System32\drivers\ws2ifsl.sys O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys ---\\ Logiciels installés (O42) O42 - Logiciel: AIM O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel O42 - Logiciel: ATI Control Panel O42 - Logiciel: ATI Display Driver O42 - Logiciel: AVG 8.5 O42 - Logiciel: Ad-Aware O42 - Logiciel: Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch O42 - Logiciel: Adobe Flash Player 10 Plugin O42 - Logiciel: Adobe Flash Player ActiveX O42 - Logiciel: Assistant de connexion Windows Live O42 - Logiciel: Broadcom Gigabit Integrated Controller O42 - Logiciel: C-Major Audio O42 - Logiciel: CCleaner (remove only) O42 - Logiciel: Canon PhotoRecord O42 - Logiciel: Canon PowerShot A40 WIA Driver O42 - Logiciel: Canon Utilities PhotoStitch 3.1 O42 - Logiciel: Canon Utilities RAW Image Converter O42 - Logiciel: Canon Utilities RemoteCapture 2.2 O42 - Logiciel: Canon Utilities ZoomBrowser EX O42 - Logiciel: Choice Guard O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 O42 - Logiciel: Conexant D480 MDC V.92 Modem O42 - Logiciel: Data Export O42 - Logiciel: Désinstaller Kompass France -Market 1- O42 - Logiciel: EPSON Attach To Email O42 - Logiciel: EPSON Copy Utility 3 O42 - Logiciel: EPSON Easy Photo Print O42 - Logiciel: EPSON File Manager O42 - Logiciel: EPSON Logiciel imprimante O42 - Logiciel: EPSON Scan O42 - Logiciel: EPSON Scan Assistant O42 - Logiciel: EPSON Web-To-Page O42 - Logiciel: ESDX4000_4050_CX3900 O42 - Logiciel: Galerie de photos Windows Live O42 - Logiciel: HijackThis 2.0.0 O42 - Logiciel: Hotfix 2050 for SQL Server 2000 FRA (KB948110) O42 - Logiciel: Hotfix 2055 for SQL Server 2000 FRA (KB960082) O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) O42 - Logiciel: Installation Windows Live O42 - Logiciel: Intellisync Lite O42 - Logiciel: J2SE Runtime Environment 5.0 Update 11 O42 - Logiciel: J2SE Runtime Environment 5.0 Update 4 O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 O42 - Logiciel: Java 6 Update 3 O42 - Logiciel: Java 6 Update 5 O42 - Logiciel: Java SE Runtime Environment 6 Update 1 O42 - Logiciel: Lecteur Windows Media 11 O42 - Logiciel: MSVCRT O42 - Logiciel: MSXML 4.0 SP2 (KB927978) O42 - Logiciel: MSXML 4.0 SP2 (KB936181) O42 - Logiciel: MSXML 4.0 SP2 (KB954430) O42 - Logiciel: Macromedia Flash Player 8 O42 - Logiciel: Malwarebytes' Anti-Malware O42 - Logiciel: Messenger Plus! 3 O42 - Logiciel: Microsoft .NET Framework 1.1 O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs O42 - Logiciel: Microsoft Money 2001 O42 - Logiciel: Microsoft National Language Support Downlevel APIs O42 - Logiciel: Microsoft Office 2000 Professional O42 - Logiciel: Microsoft Office Professional Edition 2003 O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] O42 - Logiciel: Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ) O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable O42 - Logiciel: Mirror, Mirror O42 - Logiciel: Mozilla Firefox (3.0.10) O42 - Logiciel: Nero 6 Ultra Edition O42 - Logiciel: Nero Mega Plugin Pack O42 - Logiciel: O2Micro Smartcard Driver O42 - Logiciel: Outil de téléchargement Windows Live O42 - Logiciel: PDFCreator O42 - Logiciel: PDFCreator Toolbar O42 - Logiciel: PIF DESIGNER O42 - Logiciel: Palm Desktop pour CLIÉ O42 - Logiciel: Picasa 3 O42 - Logiciel: Plaxo Toolbar for Outlook and Outlook Express O42 - Logiciel: Programme de gestion Camera de Logitech® O42 - Logiciel: QuickTime O42 - Logiciel: RealPlayer O42 - Logiciel: Segoe UI O42 - Logiciel: Skype 2.5 O42 - Logiciel: TrueCrypt O42 - Logiciel: VideoLAN VLC media player 0.8.6i O42 - Logiciel: Viewpoint Media Player O42 - Logiciel: WinAce Archiver O42 - Logiciel: WinZip O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) O42 - Logiciel: Windows Genuine Advantage v1.3.0254.0 O42 - Logiciel: Windows Imaging Component O42 - Logiciel: Windows Live Call O42 - Logiciel: Windows Live Communications Platform O42 - Logiciel: Windows Live Messenger O42 - Logiciel: Windows Live Sync O42 - Logiciel: Windows Media Format 11 runtime O42 - Logiciel: Windows Media Player 11 O42 - Logiciel: Windows XP Service Pack 3 O42 - Logiciel: Zuma Deluxe! 1.0 O42 - Logiciel: iTunes ---\\ Contenu des dossiers Fichiers Communs (O43) O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe Systems Shared O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Crystal Decisions O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Logitech O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\PC SOFT O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Real O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Windows Live O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\WindowsLiveInstaller O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\xing shared ---\\ Derniers fichiers modifiés ou crées sous System32 (O44) O44 - LFC:Last File Created - C:\WINDOWS\System32\avgrsstx.dll -->03/05/2009 - 07:37:02 O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->17/05/2009 - 16:09:27 O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->11/03/2009 - 21:22:42 O44 - LFC:Last File Created - C:\WINDOWS\System32\kernel32.dll -->21/03/2009 - 15:07:58 O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->07/05/2009 - 08:16:29 O44 - LFC:Last File Created - C:\WINDOWS\System32\msctfime.ime -->27/02/2009 - 05:57:11 O44 - LFC:Last File Created - C:\WINDOWS\System32\pdh.dll -->06/03/2009 - 15:20:52 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->16/04/2009 - 08:06:41 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->16/04/2009 - 08:06:42 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->16/04/2009 - 08:06:42 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->16/04/2009 - 08:06:42 O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->16/04/2009 - 08:06:41 O44 - LFC:Last File Created - C:\WINDOWS\System32\pncrt.dll -->11/05/2009 - 09:32:05 O44 - LFC:Last File Created - C:\WINDOWS\System32\pndx5016.dll -->11/05/2009 - 09:32:28 O44 - LFC:Last File Created - C:\WINDOWS\System32\pndx5032.dll -->11/05/2009 - 09:32:29 O44 - LFC:Last File Created - C:\WINDOWS\System32\rmoc3260.dll -->11/05/2009 - 09:33:28 O44 - LFC:Last File Created - C:\WINDOWS\System32\shdocvw.dll -->03/03/2009 - 00:10:26 O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->26/05/2009 - 19:05:23 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avgldx86.sys -->03/05/2009 - 07:36:58 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avgmfx86.sys -->03/05/2009 - 07:36:59 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avgtdix.sys -->03/05/2009 - 07:36:15 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->06/04/2009 - 14:32:46 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->06/04/2009 - 14:32:54 ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACROBAT.EXE-3A2333BF.pf -->26/05/2009 - 08:51:07 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACROBAT_SL.EXE-16666BA4.pf -->26/05/2009 - 19:06:29 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACROTRAY.EXE-0BEDF10B.pf -->26/05/2009 - 19:06:04 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBELMSVC.EXE-004A961E.pf -->26/05/2009 - 08:52:46 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBELM_CLEANUP.0001-21DA6001.pf -->26/05/2009 - 08:53:21 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->26/05/2009 - 19:03:22 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHMAISV.EXE-12E27032.pf -->17/05/2009 - 12:58:50 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ASHWEBSV.EXE-0548EF0A.pf -->17/05/2009 - 12:58:54 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ATI2EVXX.EXE-19D16EB9.pf -->26/05/2009 - 19:05:36 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ATIPRBXX.EXE-28AA41C0.pf -->26/05/2009 - 19:05:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ATIPTAXX.EXE-18FE8D8B.pf -->26/05/2009 - 19:05:54 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVAST.SETUP-032170A8.pf -->17/05/2009 - 16:07:32 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->27/05/2009 - 08:37:03 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCSRVX.EXE-2F45B5C7.pf -->20/05/2009 - 07:33:34 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNSX.EXE-3B2A5A79.pf -->26/05/2009 - 06:05:04 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGRSX.EXE-1893543C.pf -->26/05/2009 - 06:05:04 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGTRAY.EXE-17920267.pf -->26/05/2009 - 19:06:07 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGUPD.EXE-388A6FCA.pf -->27/05/2009 - 08:24:14 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGWDSVC.EXE-1AC4BEE6.pf -->23/05/2009 - 08:08:06 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CAMERAWINDOWCOMP.EXE-06A52F38.pf -->25/05/2009 - 15:20:15 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CRASHREPORTER.EXE-29951F6F.pf -->24/05/2009 - 00:12:43 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->26/05/2009 - 19:06:09 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->26/05/2009 - 19:45:03 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEL33D.TMP-244E7C7D.pf -->27/05/2009 - 08:47:54 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->26/05/2009 - 19:45:05 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->26/05/2009 - 05:55:58 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DW20.EXE-0F7C73AD.pf -->27/05/2009 - 05:48:52 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWTRIG20.EXE-1B5A890A.pf -->27/05/2009 - 07:18:47 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->25/05/2009 - 12:46:27 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->26/05/2009 - 08:16:08 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-1C75F8D6.pf -->23/05/2009 - 09:08:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->26/05/2009 - 19:05:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_FAMDBEE.EXE-25086F2B.pf -->26/05/2009 - 09:17:21 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_FAMTBEE.EXE-15B094E5.pf -->26/05/2009 - 09:17:17 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_FARNBEE.EXE-0269E89D.pf -->26/05/2009 - 09:17:17 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\E_FBSRBEE.EXE-359AA0D6.pf -->26/05/2009 - 09:17:02 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->26/05/2009 - 19:14:19 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIXCFG.EXE-293DC071.pf -->27/05/2009 - 08:26:58 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->26/05/2009 - 09:41:32 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HH.EXE-2D1A70B3.pf -->27/05/2009 - 08:47:55 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HOTSYNC.EXE-0F10246D.pf -->26/05/2009 - 19:06:40 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->26/05/2009 - 19:06:05 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INSTALL.EXE-324C1F0D.pf -->27/05/2009 - 08:36:29 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INSTALLHLPMCU.EXE-288B11C2.pf -->27/05/2009 - 08:45:17 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JUSCHED.EXE-0882265F.pf -->26/05/2009 - 19:06:07 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->26/05/2009 - 19:44:51 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf -->24/05/2009 - 07:58:50 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->27/05/2009 - 08:17:35 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LVCOMSX.EXE-0AC1D558.pf -->26/05/2009 - 19:06:03 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MDM.EXE-1EFE14A5.pf -->23/05/2009 - 08:08:07 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf -->26/05/2009 - 06:05:52 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf -->27/05/2009 - 07:27:43 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NERO.EXE-3017C357.pf -->23/05/2009 - 19:00:24 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NEROSTARTSMART.EXE-3289D1AD.pf -->23/05/2009 - 18:59:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->26/05/2009 - 07:34:07 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->26/05/2009 - 19:03:22 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OSA9.EXE-27CD7DB8.pf -->26/05/2009 - 19:06:22 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OUTLOOK.EXE-21C6162B.pf -->27/05/2009 - 05:59:45 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\QTTASK.EXE-342507FB.pf -->26/05/2009 - 19:06:07 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALPLAY.EXE-1BF219BD.pf -->24/05/2009 - 19:26:36 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALSCHED.EXE-04BEC5CC.pf -->26/05/2009 - 19:06:08 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1305869B.pf -->25/05/2009 - 18:43:13 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1B390C89.pf -->25/05/2009 - 18:43:18 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28F6DB3B.pf -->22/05/2009 - 20:47:10 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-29F3E5D4.pf -->22/05/2009 - 20:36:47 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-31AE1369.pf -->25/05/2009 - 11:42:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-329B982A.pf -->22/05/2009 - 21:52:02 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3A625D3B.pf -->25/05/2009 - 15:18:35 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SNDVOL32.EXE-383480B7.pf -->26/05/2009 - 20:57:32 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPIDER.EXE-2D998CA6.pf -->26/05/2009 - 20:14:34 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SQL2000-KB960082-V8.00.2055-X-2180ACB7.pf -->27/05/2009 - 05:47:28 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SQLBOOTLDR.EXE-17650BF1.pf -->26/05/2009 - 05:50:03 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SQLBOOTLDR.EXE-19E5B00E.pf -->25/05/2009 - 05:29:27 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SQLBOOTLDR.EXE-29C0CE3C.pf -->27/05/2009 - 05:48:06 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SQLBOOTLDR.EXE-2FC4DB86.pf -->24/05/2009 - 00:14:50 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SQLBOOTLDR.EXE-3434C6C3.pf -->22/05/2009 - 22:29:28 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSFLWBOX.SCR-12F43B2F.pf -->27/05/2009 - 08:07:36 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\STIMON.EXE-328F6592.pf -->25/05/2009 - 15:20:06 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->23/05/2009 - 08:08:09 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf -->25/05/2009 - 16:00:05 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-0F27CF3E.pf -->25/05/2009 - 05:29:05 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-1B8F3089.pf -->27/05/2009 - 05:47:57 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-2C472424.pf -->26/05/2009 - 05:49:52 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-30A9CAC3.pf -->22/05/2009 - 22:29:30 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-399D3CC6.pf -->24/05/2009 - 00:14:54 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATELAUNCHER.EXE-10F326DF.pf -->26/05/2009 - 05:49:50 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATELAUNCHER.EXE-149D6DA1.pf -->24/05/2009 - 00:14:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATELAUNCHER.EXE-30774719.pf -->25/05/2009 - 05:28:56 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATELAUNCHER.EXE-312A3DCF.pf -->22/05/2009 - 22:29:24 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATELAUNCHER.EXE-358FBDAB.pf -->27/05/2009 - 05:47:55 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->26/05/2009 - 19:05:37 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->26/05/2009 - 19:05:40 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WDCLEAN.EXE-14C6995C.pf -->27/05/2009 - 08:47:53 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WDGOLD LITE.EXE-254A3590.pf -->27/05/2009 - 08:47:55 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WDGOLD LITE_INSTALL110006D.EX-16BD4ADB.pf -->27/05/2009 - 08:31:18 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WDSETUP.EXE-2E4D7584.pf -->27/05/2009 - 08:37:15 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf -->26/05/2009 - 19:05:38 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->23/05/2009 - 08:55:37 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->26/05/2009 - 15:21:39 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf -->27/05/2009 - 07:56:54 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->26/05/2009 - 23:44:29 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA1.pf -->22/05/2009 - 21:27:58 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA3.pf -->27/05/2009 - 07:22:44 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA5.pf -->26/05/2009 - 16:02:59 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->27/05/2009 - 08:56:10 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-24896786.pf -->27/05/2009 - 08:48:24 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-3075F7F8.pf -->27/05/2009 - 08:48:38 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZOOMBROWSER.EXE-33FACBC8.pf -->25/05/2009 - 15:18:44 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZUMA.EXE-38B52686.pf -->25/05/2009 - 20:19:01 ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (ECAA)(O47) O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger" O47 - AAKE:Key Export - "C:\Program Files\PC Activity Monitor Professional\pcacmep.exe"="C:\Program Files\PC Activity Monitor Professional\pcacmep.exe:*:Enabled:pcacmep" O47 - AAKE:Key Export - "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" O47 - AAKE:Key Export - "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" O47 - AAKE:Key Export - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Disabled:iTunes" O47 - AAKE:Key Export - "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" O47 - AAKE:Key Export - "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" O47 - AAKE:Key Export - "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk" O47 - AAKE:Key Export - "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" O47 - AAKE:Key Export - "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" O47 - AAKE:Key Export - "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe" O47 - AAKE:Key Export - "C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe" O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (TDSD) (O52) O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv" O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm" O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="lvcodec2.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv" O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm" O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv" O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv" O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi2"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"MSVideo"="vfwwdm32.dll" O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll" ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\agp440.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\agpcpq.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\alim1541.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdagp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1btxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1mdxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1pdxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1raxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1rvxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1snxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1ttxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1tuxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1xbxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati1xsxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati2mtaa.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati2mtag.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinbtxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinmdxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinpdxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinraxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinrvxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinsnxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinttxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atintuxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinxbxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atinxsxx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgldx86.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgmfx86.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgtdix.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\Awrtpd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\Awrtrd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\b57xp32.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\battc.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthenum.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthmodem.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthpan.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthport.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthprint.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bthusb.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ccdecode.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cmbatt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\compbatt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmusic.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fltmgr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\gagp30kx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidbth.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidir.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hsfbs2s2.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hsfcxts2.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hsfdpsp2.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HSFHWICH.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HSF_CNXT.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\HSF_DPV.SYS O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\http.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imagedrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imagesrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelide.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelppm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ip6fw.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\lv302af.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LV302AV.SYS O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LVSVF2.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LVUSBSta.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbam.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbamswissarmy.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mdmxsdk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouhid.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mskssrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspclock.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mspqm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mssmbios.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mstee.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mtlmnt5.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mtlstrm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mtxparhm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mutohpen.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nabtsfec.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisip.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NSDriver.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntmtlfax.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nv4_mini.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ozscr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\PalmUSBD.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciide.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptilink.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pxhelp20.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasacd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasl2tp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspppoe.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspptp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspti.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rawwan.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdbss.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpcdd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpdr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpwd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\recagent.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\redbook.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rfcomm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rio8drv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\riodrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rmcast.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismpx.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rootmdm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\s3gnbm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\scsiport.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sdbus.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Ebus.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Ecm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Ecmnt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se2Ecr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Emdfl.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Emdm.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Emgmt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se2End5.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Eobex.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se2Eunic.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\se2Ewh.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SE2Ewhnt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\secdrv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serenum.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serial.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffdisk.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffp_sd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sfloppy.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sisagp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\slip.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\slnt7554.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\slntamr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\slnthal.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\slwdmsup.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smbali.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smclib.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonydcam.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\splitter.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sptd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sr.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stac97.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stream.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\streamip.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swenum.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swmidi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sysaudio.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tape.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip6.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdi.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdpipe.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdtcp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\termdd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tosdvd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\truecrypt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tsbvcap.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tunmp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\uagp35.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\udfs.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\update.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023x.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbaudio.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd2.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbccgp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbehci.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbhub.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbintel.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbport.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbprint.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbscan.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbstor.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbuhci.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbvideo.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vdmindvd.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vga.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\viaagp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\videoprt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\volsnap.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wacompen.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wadv07nt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wadv08nt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wadv09nt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wadv11nt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wanarp.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\watv06nt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\watv10nt.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wdmaud.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wmilib.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wpdusb.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ws2ifsl.sys O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wstcodec.sys End of the scan: 970 lines merci pour le temps que tu m'accordes et des excellents conseils que tu prodigues. J'attends ton diagnostic (j'espère que tout va bien )) je te souhaite une excellente journée
- le 27 mai 2009
- 7 réponses
lecture d'un log HiJack This

RiamMy a répondu à un(e) sujet de RiamMy dans Analyses et éradication malwares

bonsoir et merci pour ton aide. J'ai désinstallé comme préconisé Avast et passé MBAM sur tous les disques. Voilà le log généré par MBAM après analyse. J'attends ton avis et tes directives. Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2145 Windows 5.1.2600 Service Pack 3 17/05/2009 20:43:09 mbam-log-2009-05-17 (20-43-08).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 167641 Temps écoulé: 3 hour(s), 1 minute(s), 13 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 14 Valeur(s) du Registre infectée(s): 6 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 23 Fichier(s) infecté(s): 9 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{57e218e6-5a80-4f0c-ab25-83598f25d7e9} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d1b2879-99ff-11e3-8d96-d7acac95952a} (Spyware.Logger) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d651aff4-9590-424d-bd1e-8e33e090dfb3} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1557b435-8242-4686-9aa3-9265bf7525a4} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{57e218e6-5a80-4f0c-ab25-83598f25d7e9} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{288c5f13-7e52-4ada-a32e-f5bf9d125f99} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcnbdj0e5b1 (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\rhcnbdj0e5b1 (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CbEvtSvc (Trojan.MyDoom) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Refog Software (Refog.Keylogger) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{182b90a3-f372-438a-800c-6814b4de417b} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcnbdj0e5b1 (Rogue.AntivirusXP2008) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\rhcnbdj0e5b1 (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1 (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Application Data\rhcnbdj0e5b1\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1 (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Myriam\Application Data\rhcnbdj0e5b1\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully. Fichier(s) infecté(s): D:\dwl\dwl en test\NERO 6\Ahead Nero Ultra Edition\Serial-Cracks\Orion_Keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhcnbdj0e5b1\rhcnbdj0e5b1.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
- le 17 mai 2009
- 7 réponses
lecture d'un log HiJack This

RiamMy a posté un sujet dans Analyses et éradication malwares

Bonjour, me voici arrivée sur ce forum sur la recommandation du site hijack This (Zebulon est Le site français recommandé pour la qualité des commentaires sur les logs Hijak This. Mon PC est démesurément lent depuis qq temps et j'ai l'impression qu'il ralentit jour après jour. Je viens de passer Hijack This. Quelqu'un pourrait me faire une lecture du log et me dire quoi corriger ? merci bcp Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 16:21:37, on 17/05/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Myriam\Bureau\HiJackThis_v2.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\msiexec.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1127599027577 O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 11060 bytes
- le 17 mai 2009
- 7 réponses

Connexion

RiamMy

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par RiamMy

lecture d'un log HiJack This

lecture d'un log HiJack This

lecture d'un log HiJack This

lecture d'un log HiJack This

Zebulon

Outils en ligne

Naviguer