Hello,
I am apparently infected with Monxga32.exe, which is slowing my computer down enormously ...
I am copying the Antivir and ZHPDiag reports for you ...
Thank you for your help.
Rapport de ZHPDiag v1.25.1408 par Nicolas Coolman
Run by Amidala at 24/04/2010 11:47:09
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v7.0.5730.11
---\\ System Information
Platform : Microsoft Windows XP (5.1.2600) Service Pack 2
Processor: x86 Family 6 Model 10 Stepping 0, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (67% free)
System drive C: has 3 GB (14%) free of 20 GB
---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 20 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 20 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 17 Go)
F:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
---\\ Processus lancés
[MD5.7577019A01C57EA335B1E33DDA25A3DD] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.exe [98304]
[MD5.C93AB037A8C792D5F8A1A9FC88A7C7C5] - (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [155648]
[MD5.9E109B03018763FDCB075CE74547BE22] - (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [249856]
[MD5.583B7D111304BE63D7D9CB65482D2187] - (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [81920]
[MD5.A2D390F1F2408B94EF34BFE3A00C29D3] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [148888]
[MD5.8D65ECE2E86B1B5FD38C4A19F5ECBFBB] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe [1331200]
[MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152]
[MD5.AAD52179D4A526AD4A705B87C6E4F72A] - (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504]
[MD5.3241525EC39DD14312A193CADBF70F75] - (.Corel, Inc. - Corel Photo Album 6 Application.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [106496]
[MD5.CF4A0E2C240501C826977ACC5F0E8411] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [282792]
[MD5.5584247B568C2E53934873F4B655FE6A] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.18B4B12358EFCF68D76812058A26181F] - (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3883856]
[MD5.E3CFCFDEA8ECFC9A21819D21B1D4A92C] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [144448]
[MD5.17067069B9A7865028C1F2E6971D0CCC] - (.Lavasoft - Ad-Aware Service.) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664]
[MD5.1BD6C2F707A275CB7C16FD99FE0F31CA] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\system32\svchost.exe [14336]
[MD5.AA3D68F26B2A27F660AFC46039B061A4] - (.Wireless Service - ANIWZCS2 Service Launcher.) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [49152]
[MD5.870D480C911A7EE9A98B3CB190D95D22] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [512000]
[MD5.6B6B5DE3F63C3F9E9DE4F84729395F37] - (.Pas de propriétaire - ATI Smart.) -- C:\WINDOWS\system32\ati2sgag.exe [593920]
[MD5.732E0B1ABAACE15D80EC19056B0A2AF9] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [108544]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]
[MD5.890369AED0DDE1A98F09F7DC239CA2BD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120]
[MD5.9F3744A5C6F49291A7A685040A013399] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]
[MD5.999AA77152F16A40A5727FC657EF66C3] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152]
[MD5.DA81EC57ACD4CDC3D4C51CF3D409AF9F] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]
[MD5.C81B8635DEE0D3EF5F64B3DD643023A5] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912]
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16674 (vista_gdr.080415-1732)) -- C:\WINDOWS\system32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iSUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe
O4 - HKLM\..\Run: [iSUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG DWL-G520] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [updatePDRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] . (.Corel, Inc. - Corel Photo Album 6 Application.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
O4 - Global Startup: Activer le Poste de Travail Sans Fil Labtec.lnk . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Labtec\MagicKey.exe
O4 - Global Startup: Craft ROBO Status Supervisor.lnk . (.Graphtec Corporation - Craft ROBO Status Supervisor.) -- C:\Program Files\Craft ROBO Controller\CRSSupervisor.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NewShortcut1.lnk . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\USB_video_device\Utility\RemoteTool\BDARemote.exe
O4 - Global Startup: monxga32.exe . (.Pas de propriétaire - Pas de description.) -- C:\Documents And Settings\Amidala\Menu Démarrer\Programmes\Démarrage\monxga32.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Barre RoboForm - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Enregistrer le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll
O8 - Extra context menu item: Personnaliser le menu - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - (.not file.) - file:\\C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc3.cab
O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1183836618673
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - (.not file.) - https:\\static.impots.gouv.fr\tdir\static\adpform\AdSignerADP.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.56.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DAF94F73-2AA6-44D8-A562-A28831820D34} (Pixum EasyUploadX Control) - http://www.pixum.fr/apps/EasyUploadX.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CCS\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CCS\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS1\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS1\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS2\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS2\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS2\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS2\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS3\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS3\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS3\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS3\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS4\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS4\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS4\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS4\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS5\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS5\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS5\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS5\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS6\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS6\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS6\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS6\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS7\Services\Tcpip\..\{15587AB2-725B-486A-9915-03FA257070B7}: NameServer = 93.188.164.111,93.188.166.103
O17 - HKLM\System\CS7\Services\Tcpip\..\{6AED591D-37A3-4523-8806-D22781CFF7BC}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS7\Services\Tcpip\..\{722024A1-3133-44A8-ACD4-316A05EE4036}: NameServer = 212.27.32.176,212.27.32.177
O17 - HKLM\System\CS7\Services\Tcpip\..\{7B33CA3A-BCEB-4828-B405-4B5978A10788}: NameServer = 93.188.164.111,93.188.166.103
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\System32\Ati2evxx.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) . (.Lavasoft - Ad-Aware Service.) - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) . (.Wireless Service - ANIWZCS2 Service Launcher.) - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cac80a9bb5050.job
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Adobe\Director\SwDir.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: avgntdd (avgntdd) . (.Avira GmbH - Avira AntiVir File Filter Driver.) - C:\WINDOWS\sysTEM32\DRIVERS\avgntdd.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ADS Tech V3.6.1 Instant DVD CapWiz - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: AI RoboForm (All Users) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ANIO Service - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ANIWZCS2 Service - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ATI - Software Uninstall Utility - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM]
O42 - Logiciel: Adobe Download Manager 2.0 (Supprimer uniquement) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Reader 7.0.7 - Français - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: AirPlus XtremeG DWL-G520 - (.D-Link.) [HKLM]
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Avant Browser (remove only) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM]
O42 - Logiciel: BankPerfect 6.23 - (.Fabio Chelly.) [HKLM]
O42 - Logiciel: C-Media 3D Audio - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Cars Quatre Roues - Aventures à Radiator Springs - (.AWE Games.) [HKLM]
O42 - Logiciel: Color'Album 1.0 - (.ColorClub.) [HKLM]
O42 - Logiciel: Corel Photo Album 6 - (.Corel, Inc..) [HKLM]
O42 - Logiciel: Craft ROBO Controller - (.Graphtec.) [HKLM]
O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: DVD Decrypter 3.5.4.0 Fr - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM]
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM]
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM]
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM]
O42 - Logiciel: EPSON CardMonitor - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON PhotoStarter3.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Font Xplorer 1.2.2 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Gimp pour Windows - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM]
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]
O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IZArc 3.5 beta 3 - (.Ivan Zahariev.) [HKLM]
O42 - Logiciel: Inkscape 0.45.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Java 2 Runtime Environment, SE v1.4.2_19 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: Java 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: K-Lite Codec Pack 2.72 Full - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Lesaccros2.com - Service Photo - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2003 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Standard Edition 2003 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mister Clic V1.5.1.5 - (.Mister Clic.) [HKLM]
O42 - Logiciel: Mon Univers Photo Pixiphot - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Nero 7 Demo - (.Nero AG.) [HKLM]
O42 - Logiciel: O&O DiskRecovery - (.O&O Software GmbH.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM]
O42 - Logiciel: PHOTOfunSTUDIO -viewer- - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Panneau de contrôle ATI - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: PhotoRescue 2.1 Demo Version (build 679) - (.DataRescue SA/NV.) [HKLM]
O42 - Logiciel: Poste de Travail Sans Fil Labtec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ROBO Master - (.Graphtec.) [HKLM]
O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: USB Audio/Video Driver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Ulead DVD MovieFactory 2 SE - (.Ulead Systems, Inc..) [HKLM]
O42 - Logiciel: Ulead Straight-to-Disc SDK - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Ulead VideoStudio 7 SE DVD - (.Ulead Systems, Inc..) [HKLM]
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM]
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpowerAMP Music Converter - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: dBpowerAMP WMA V9.1 Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: iDeal Designer - (.Hygena.) [HKLM]
---\\ HKCU & HKLM Software Keys
[HKCU\Software\3ivx]
[HKCU\Software\ADSTech]
[HKCU\Software\ANI]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AliveDVDRipper]
[HKCU\Software\AppDataLow]
[HKCU\Software\Aurigma]
[HKCU\Software\Avant Browser]
[HKCU\Software\Avira]
[HKCU\Software\BITSoft]
[HKCU\Software\BankPerfect]
[HKCU\Software\CeWe Color]
[HKCU\Software\Cirrus Logic USB-DVR2]
[HKCU\Software\Classes]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Corel]
[HKCU\Software\CyberLink]
[HKCU\Software\DVD Decrypter]
[HKCU\Software\DVD Shrink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\GNU]
[HKCU\Software\GRAPE SYSTEMS]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Graphtec]
[HKCU\Software\H+BEDV]
[HKCU\Software\HKEY_LOCAL_MACHINE]
[HKCU\Software\HaaliMkx]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\Illustrate]
[HKCU\Software\InstallShield]
[HKCU\Software\Install]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Luke Pascoe Software]
[HKCU\Software\Luminar]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Moon Software]
[HKCU\Software\Moonlight Cordless]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opendisc]
[HKCU\Software\PAW-Software]
[HKCU\Software\PDFCreator]
[HKCU\Software\PIXUM]
[HKCU\Software\Pegasys Inc.]
[HKCU\Software\Policies]
[HKCU\Software\Protexis]
[HKCU\Software\RECISIO]
[HKCU\Software\SCC]
[HKCU\Software\SecuROM]
[HKCU\Software\Sensaura]
[HKCU\Software\Siber Systems]
[HKCU\Software\Smart Panel]
[HKCU\Software\Snapfish]
[HKCU\Software\TCP Optimizer]
[HKCU\Software\THQ]
[HKCU\Software\Trolltech]
[HKCU\Software\TurnTool]
[HKCU\Software\ULead]
[HKCU\Software\Ulead Systems]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VFPlugin]
[HKCU\Software\WayTech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eBay]
[HKCU\Software\muvee Technologies]
[HKCU\Software\xp-AntiSpy]
[HKCU\Software\yahoo]
[HKLM\Software\10tacle Studios]
[HKLM\Software\3ivx]
[HKLM\Software\68652936]
[HKLM\Software\76918031]
[HKLM\Software\ANI]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Alpha Networks]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Avant Browser]
[HKLM\Software\Avira]
[HKLM\Software\C-Media]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Cirrus Logic USB-DVR2]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Corel]
[HKLM\Software\Cyberlink]
[HKLM\Software\D-Link]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\GIMP_Back_Mode]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Graphtec]
[HKLM\Software\HPS]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hofmann]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Jasc]
[HKLM\Software\JavaSoft]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Lavasoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Moon Software]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company Name]
[HKLM\Software\Nero]
[HKLM\Software\NewSoft]
[HKLM\Software\O&O]
[HKLM\Software\ODBC]
[HKLM\Software\On2 Technologies]
[HKLM\Software\Panasonic]
[HKLM\Software\Policies]
[HKLM\Software\Preview Systems]
[HKLM\Software\Program Groups]
[HKLM\Software\Protexis]
[HKLM\Software\RECISIO]
[HKLM\Software\S3R521]
[HKLM\Software\SBDT AB]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Siber Systems]
[HKLM\Software\Smart Panel]
[HKLM\Software\Sonic]
[HKLM\Software\StreamMachine]
[HKLM\Software\Thrustmaster]
[HKLM\Software\USB2800]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Ulead]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\WayTech]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Yahoo]
[HKLM\Software\ahead]
[HKLM\Software\muvee Technologies]
---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\ADSTech Instant DVD
O43 - CFD:Common File Directory ----D- C:\Program Files\ADSTech Instant DVD+DV
O43 - CFD:Common File Directory ----D- C:\Program Files\ANI
O43 - CFD:Common File Directory ----D- C:\Program Files\AntiVir PersonalEdition Classic
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Avant Browser
O43 - CFD:Common File Directory ----D- C:\Program Files\Avira
O43 - CFD:Common File Directory ----D- C:\Program Files\BankPerfect
O43 - CFD:Common File Directory ----D- C:\Program Files\C-Media 3D Audio
O43 - CFD:Common File Directory ----D- C:\Program Files\Color'Album
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Corel
O43 - CFD:Common File Directory ----D- C:\Program Files\Craft ROBO Controller
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\D-Link
O43 - CFD:Common File Directory ----D- C:\Program Files\directx
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Decrypter
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Shrink
O43 - CFD:Common File Directory ----D- C:\Program Files\eBay
O43 - CFD:Common File Directory ----D- C:\Program Files\EPSON
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Font Xplorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Gimp
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\GRAPHTEC
O43 - CFD:Common File Directory ----D- C:\Program Files\Hofmann
O43 - CFD:Common File Directory ----D- C:\Program Files\Hygena
O43 - CFD:Common File Directory ----D- C:\Program Files\Illustrate
O43 - CFD:Common File Directory ----D- C:\Program Files\Inkscape
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IZArc
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\KaraFun
O43 - CFD:Common File Directory ----D- C:\Program Files\Labtec
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Lesaccros2-Service Photo
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Mister Clic
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\OfficeUpdate11
O43 - CFD:Common File Directory ----D- C:\Program Files\OO Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Panasonic
O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator
O43 - CFD:Common File Directory ----D- C:\Program Files\pese_courrier
O43 - CFD:Common File Directory ----D- C:\Program Files\PhotoRescue
O43 - CFD:Common File Directory ----D- C:\Program Files\Pixiphot
O43 - CFD:Common File Directory ----D- C:\Program Files\Poste de Travail Sans Fil Labtec
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\ROBO Master
O43 - CFD:Common File Directory ----D- C:\Program Files\SDHelper (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\Siber Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Panel
O43 - CFD:Common File Directory ----D- C:\Program Files\Sweet Home 3D
O43 - CFD:Common File Directory ----D- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
O43 - CFD:Common File Directory ----D- C:\Program Files\THQ
O43 - CFD:Common File Directory ----D- C:\Program Files\TurnTool
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\USB_video_device
O43 - CFD:Common File Directory ----D- C:\Program Files\VIA
O43 - CFD:Common File Directory ----D- C:\Program Files\Weight Watchers
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinPcap
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory --H-D- C:\Program Files\Zero G Registry
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Corel
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ulead Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Vbox
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.842478E265C446F210C60255D0343A37] - 24/04/2010 - 10:30:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [12598]
O44 - LFC:[MD5.3F98F34D61243D4486F411E126CC6045] - 24/04/2010 - 10:30:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ANIWZCS{7B33CA3A-BCEB-4828-B405-4B5978A10788} [3284]
O44 - LFC:[MD5.C4B8CFAEEFF1E49A9B99D1BB5190AEE1] - 24/04/2010 - 10:30:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ANIWZCSUSERNAME{7B33CA3A-BCEB-4828-B405-4B5978A10788} [8]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/04/2010 - 10:30:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.00000000000000000000000000000000] - 24/04/2010 - 10:30:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.00000000000000000000000000000000] - 24/04/2010 - 10:30:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [157]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 24/04/2010 - 10:29:23 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 22/04/2010 - 21:10:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\jszra.sys [586240]
O44 - LFC:[MD5.AAD8F97AB9FCDD1280B3416B77DA4CD4] - 22/04/2010 - 21:10:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1728962]
O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 21:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\vldhwzbp.sys [586240]
O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 21/04/2010 - 20:40:50 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [28520]
O44 - LFC:[MD5.1289E9A5D9118A25A13C0009519088E3] - 21/04/2010 - 20:40:49 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\System32\drivers\avipbb.sys [124784]
O44 - LFC:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 21/04/2010 - 20:40:48 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [22360]
O44 - LFC:[MD5.5B44C214F9CD9F590BE9125347610380] - 21/04/2010 - 20:40:48 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\System32\drivers\avgntdd.sys [45416]
O44 - LFC:[MD5.A88D29D928AD2B830E87B53E3F9BC182] - 21/04/2010 - 20:40:48 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgntflt.sys [60936]
O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 20:26:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\muejykh.sys [586240]
O44 - LFC:[MD5.491A2773744C24DCB0D71241515F7E03] - 20/04/2010 - 06:08:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\xozqr.sys [586240]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 17/04/2010 - 20:31:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.0822C72460ADB2FB3E7BA2D2D097C600] - 11/04/2010 - 18:54:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\IE4 Error Log.txt [1147]
O44 - LFC:[MD5.44E374AB50198740E1342586CA839EDB] - 11/04/2010 - 18:52:32 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\KGyGaAvL.sys [3506]
O44 - LFC:[MD5.4DE2D6C86FCDFF8F1E31F4A76A6B535C] - 11/04/2010 - 18:52:32 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\95E1D0B6AE.sys [88]
O44 - LFC:[MD5.8BFE9C8F968CAA02B2A693FF2E82A9AF] - 11/04/2010 - 18:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [214258]
O44 - LFC:[MD5.B1E55666A1DF887CE556F4C76C3D5755] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [52764]
O44 - LFC:[MD5.47C7DD6B8A63AE639469B2C1275D94B4] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [63614]
O44 - LFC:[MD5.187EAAC16F435849F6BB4E6C0A4B96B3] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [380350]
O44 - LFC:[MD5.5B77A8213B01234F9D41F34000725A1D] - 28/03/2010 - 19:19:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [445016]
O44 - LFC:[MD5.408757CD1A0FB6E73008121F8072317C] - 28/03/2010 - 19:19:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [951946]
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [Enabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "J:\Data\Documents\Pilotes\DNS-323(NAS)\dns323_EasySearch_420.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- J:\Data\Documents\Pilotes\DNS-323(NAS)\dns323_EasySearch_420.exe
O47 - AAKE:Key Export SP - "C:\Program Files\CyberLink\PowerDirector\PDR.exe" [Enabled] .(.CyberLink Corp. - PowerDirector.) (.not file.) -- C:\Program Files\CyberLink\PowerDirector\PDR.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\_ex-08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\WINDOWS\Temp\_ex-08.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\~TMD.tmp" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\WINDOWS\Temp\~TMD.tmp:*:Disabled:~TMD
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) (.not file.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\services.exe" [Enabled] .(.Microsoft Corporation - Applications Services et Contrôleur.) (.not file.) -- C:\WINDOWS\system32\services.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{f64d6810-918d-11de-a1df-00196609771e}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- I:\Setup.exe (.not file.)
---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\x264vfw.dll
O52 - TDSD: \Drivers32\"VIDC.DIV3"="DivXc32.dll" . (.Hacked with Joy ! - DivX MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32.dll
O52 - TDSD: \Drivers32\"VIDC.DIV4"="DivXc32f.dll" . (.Hacked with Joy ! - DivX MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32f.dll
O52 - TDSD: \Drivers32\"VIDC.3iv2"="3ivxVfWCodec.dll" . (.3ivx.com - 3ivx D4 4.5.1 Pro Video for Windows Codec.) -- C:\WINDOWS\System32\3ivxVfWCodec.dll
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.divxa32"="divxa32.acm" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec (PRO)" . (.Fraunhofer Institut Integrierte Schaltungen - "MPEG Layer-3 Audio Codec Pro ".) -- C:\WINDOWS\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec v1.2.0-dev" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"x264vfw.dll"="x264 H.264 Video Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"DivXc32.dll"="DivX MPEG-4 (Low-Motion)" . (.Hacked with Joy ! - DivX MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32.dll
O52 - TDSD: \drivers.desc\"DivXc32f.dll"="DivX MPEG-4 (Fast-Motion)" . (.Hacked with Joy ! - DivX MPEG-4 Video Codec.) -- C:\WINDOWS\System32\DivXc32f.dll
O52 - TDSD: \drivers.desc\"3ivxVfWCodec.dll"="3ivx D4 4.5.1 Pro" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio Codec" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \drivers.desc\"divxa32.acm"="DivX Audio" . (.Kristal Studi - DivX WMA Audi.) -- C:\WINDOWS\System32\divxa32.acm
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC3 ACM Decompressor" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\System32\ac3acm.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \drivers.desc\"C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm"="Dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.2.5 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\68652936 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\DOCUME~1\ALLUSE~1\APPLIC~1\68652936\68652936.exe
O53 - SMSR:HKLM\...\startupreg\76918031 [Key] . (.Pas de propriétaire - Pas de description.) -- C:\DOCUME~1\ALLUSE~1\APPLIC~1\76918031\76918031.exe
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\Policies\Explorer] - "ClearRecentDocsjava-script"=1
---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.21AF8E9C727C6D7643AD497268F55BF1] - 24/05/2007 - 18:15:00 ---A- . (.D-Link Corporation - Driver for D-Link Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\A3AB.sys
O58 - SDL:[MD5.116BFF96077A4A724E0AAB800525CEB5] - 03/08/2004 - 21:31:20 ---A- . (.ADMtek Incorporated. - ADMtek AN983/AN985/ADM951X NDIS5 Driver.) -- C:\WINDOWS\system32\drivers\an983.sys
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 29/03/2000 - 15:17:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
O58 - SDL:[MD5.7554246A1F39CEFD6C42B80016BDCCA8] - 22/01/2008 - 22:38:03 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys
O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 11/05/2009 - 11:49:28 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys
O58 - SDL:[MD5.A88D29D928AD2B830E87B53E3F9BC182] - 16/02/2010 - 13:24:01 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys
O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 11/05/2009 - 11:49:28 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys
O58 - SDL:[MD5.1289E9A5D9118A25A13C0009519088E3] - 01/03/2010 - 09:05:24 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys
O58 - SDL:[MD5.124E75B7C483E5D646F99EF5ACFD61B8] - 29/04/2008 - 10:19:50 ---A- . (.Lavasoft AB - Driver for Ad-Watch Real-Time Process protection.) -- C:\WINDOWS\system32\drivers\Awrtpd.sys
O58 - SDL:[MD5.973E80FEB99243D150FA3CA490698EB0] - 29/04/2008 - 10:19:54 ---A- . (.Lavasoft AB - Driver for Ad-Watch Real-Time Registry Protection.) -- C:\WINDOWS\system32\drivers\Awrtrd.sys
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys
O58 - SDL:[MD5.924AB66E831E9CF3E20DBC6B63103516] - 23/08/2004 - 09:21:12 R--A- . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\system32\drivers\cmuda.sys
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys
O58 - SDL:[MD5.B2418FB4CD0D46361B7AF43FCF15CFBB] - 07/04/2005 - 09:00:18 ---A- . (.ADS - Instant DVD 2.0.) -- C:\WINDOWS\system32\drivers\dvr2ins.sys
O58 - SDL:[MD5.6E883BF518296A40959131C2304AF714] - 17/08/2001 - 19:11:06 ---A- . (.3Com Corporation - 3Com EtherLink PCI Driver.) -- C:\WINDOWS\system32\drivers\el90xbc5.sys
O58 - SDL:[MD5.01293927595AD16D0A9979AB85C3A755] - 23/08/2001 - 18:13:30 ---A- . (.3Com Corporation - Pilote Miniport réseau 3Com Fast EtherLink XL / EtherLink XL.) -- C:\WINDOWS\system32\drivers\el90xnd5.sys
O58 - SDL:[MD5.4C3180982ABBC7CFA14DD21C0CBB1C22] - 14/05/2008 - 19:32:42 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\WINDOWS\system32\drivers\emBDA.sys
O58 - SDL:[MD5.49B03351781DE98981DF0814A15DC992] - 14/05/2008 - 19:32:24 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\WINDOWS\system32\drivers\emOEM.sys
O58 - SDL:[MD5.A2A85C1375FA4037419B94D91437C21C] - 21/05/2002 - 12:40:18 R--A- . (.Sitecom - Sitecom LN-020.) -- C:\WINDOWS\system32\drivers\FASTNIC.sys
O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 17/08/2001 - 19:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5.sys
O58 - SDL:[MD5.B7186B33B6CF3A23841015531E6E7D68] - 11/11/2003 - 11:41:08 R--A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5b.sys
O58 - SDL:[MD5.25EDD75E23C5EF6B33D0FBCCE125A601] - 15/08/2005 - 11:08:26 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys
O58 - SDL:[MD5.9C4BBACF4E9B9543C3CE23F1FE556941] - 15/08/2005 - 11:08:26 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys
O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 22/04/2010 - 21:10:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\jszra.sys
O58 - SDL:[MD5.A8480D72EB28D76DB6DD3A32B0D8F8B0] - 15/10/2002 - 14:48:46 ---A- . (.WayTech Development, Inc. - Keyboard filter driver.) -- C:\WINDOWS\system32\drivers\kbfilter.sys
O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys
O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 20:26:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\muejykh.sys
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys
O58 - SDL:[MD5.AC3E7DB45F04EBD40F4C1E0A0D774269] - 29/04/2008 - 10:20:00 ---A- . (.Lavasoft AB - Driver for Ad-Watch network monitoring.) -- C:\WINDOWS\system32\drivers\NSDriver.sys
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys
O58 - SDL:[MD5.86724469CD077901706854974CD13C3E] - 25/04/2005 - 01:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys
O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 04/08/2004 - 23:29:52 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/05/2009 - 09:12:49 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys
O58 - SDL:[MD5.4B039BBD037B01F5DB5A144C837F283A] - 02/07/2003 - 03:42:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS
O58 - SDL:[MD5.0363E216E4EB5052969C96608934DBDE] - 20/06/2005 - 11:53:30 R--A- . (.VIA Technologies inc,.ltd - VIA RAID DRIVER FOR WIN 2000/XP/2003IA32.) -- C:\WINDOWS\system32\drivers\viamraid.sys
O58 - SDL:[MD5.7C6DD89E2B5E78A8247E327C2B301DB1] - 12/03/2002 - 01:57:00 ---A- . (.VIA Technologies, Inc. - VIA AC'97 Enhanced Audio WDM Driver.) -- C:\WINDOWS\system32\drivers\viaudio.sys
O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 21/04/2010 - 21:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\vldhwzbp.sys
O58 - SDL:[MD5.491A2773744C24DCB0D71241515F7E03] - 20/04/2010 - 06:08:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\xozqr.sys
O58 - SDL:[MD5.00000000000000000000000000000000] - 24/04/2010 - 02:50:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\yrzeqf.sys
O58 - SDL:[MD5.00000000000000000000000000000000] - 24/04/2010 - 02:50:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\yxhmawja.sys
O58 - SDL:[MD5.4DE2D6C86FCDFF8F1E31F4A76A6B535C] - 11/04/2010 - 18:52:32 RSH-- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\95E1D0B6AE.sys
O58 - SDL:[MD5.920298C7AEF97D8168D219D35975D295] - 12/05/2007 - 16:39:32 ---A- . (.Alpha Networks Inc. - ANIO (NT5) Driver.) -- C:\WINDOWS\system32\ANIO.sys
O58 - SDL:[MD5.ACF780F3DCE634A0B8ECE6E3CD505C9C] - 12/05/2007 - 16:39:32 ---A- . (.ANI - ANIO (NDIS4) Driver.) -- C:\WINDOWS\system32\anio4.sys
O58 - SDL:[MD5.5AE0176FCF1EDB5CEE28E4D542085107] - 12/05/2007 - 16:39:32 ---A- . (.Alpha Networks Inc. - ANIO (NT5) Driver.) -- C:\WINDOWS\system32\ANIO64.sys
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys
O58 - SDL:[MD5.44E374AB50198740E1342586CA839EDB] - 11/04/2010 - 18:52:32 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\KGyGaAvL.sys
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys
O58 - SDL:[MD5.A568B9A9FFE2D9387222A5C90F86D731] - 17/07/2003 - 09:10:06 R--A- . (.VIA Networking Technologies, Inc. - Network Device Monitor Utility.) -- C:\WINDOWS\system32\ntsim.sys
O58 - SDL:[MD5.354585D8E53F2FF9B8AD5E1E2EF68CEF] - 07/03/2005 - 19:44:18 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Phoebe Photo Distribution Manager.) -- C:\WINDOWS\system32\PhDi2.sys
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 06/01/1999 - 10:32:48 ---A- C:\Documents And Settings\Amidala\Mes documents\Kobian_KM266\Pilotes\vga\Win2K&XP\_INST32I.EX_ [291403]
O61 - LFC:Last File Created 21/04/2010 - 19:49:51 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.free-av[1].txt [75]
O61 - LFC:Last File Created 21/04/2010 - 19:50:12 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\IdentityCRL\production\MetaConfig.xml [163]
O61 - LFC:Last File Created 21/04/2010 - 19:50:14 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@c.live[1].txt [65]
O61 - LFC:Last File Created 21/04/2010 - 19:50:15 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@c.msn[1].txt [64]
O61 - LFC:Last File Created 21/04/2010 - 19:50:15 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@msn[2].txt [64]
O61 - LFC:Last File Created 21/04/2010 - 19:50:30 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@messenger.msn[1].txt [101]
O61 - LFC:Last File Created 21/04/2010 - 19:50:36 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@rad.msn[2].txt [680]
O61 - LFC:Last File Created 21/04/2010 - 19:50:37 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@login.live[1].txt [276]
O61 - LFC:Last File Created 21/04/2010 - 19:50:41 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@profile.live[2].txt [344]
O61 - LFC:Last File Created 21/04/2010 - 19:53:33 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@download.cnet[2].txt [98]
O61 - LFC:Last File Created 21/04/2010 - 19:54:22 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@cnet[2].txt [799]
O61 - LFC:Last File Created 21/04/2010 - 19:55:25 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\Backup\new\contacts.edb [4218880]
O61 - LFC:Last File Created 21/04/2010 - 19:55:26 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\LogFiles\edb00012.log [4194304]
O61 - LFC:Last File Created 21/04/2010 - 19:55:27 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\Backup\new\edb00012.log [4194304]
O61 - LFC:Last File Created 21/04/2010 - 19:55:27 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\contacts.pat [16384]
O61 - LFC:Last File Created 21/04/2010 - 19:55:28 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\Backup\new\contacts.pat [16384]
O61 - LFC:Last File Created 21/04/2010 - 19:55:39 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\Backup\new\contacts.edb [2121728]
O61 - LFC:Last File Created 21/04/2010 - 19:55:40 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\LogFiles\edb00011.log [4194304]
O61 - LFC:Last File Created 21/04/2010 - 19:55:41 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\Backup\new\contacts.pat [16384]
O61 - LFC:Last File Created 21/04/2010 - 19:55:41 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\Backup\new\edb00011.log [4194304]
O61 - LFC:Last File Created 21/04/2010 - 19:55:41 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\contacts.pat [16384]
O61 - LFC:Last File Created 21/04/2010 - 19:56:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\MessengerCache\bUvnf2AGvCzzlpm2Fi8eltNogvzw= [2053]
O61 - LFC:Last File Created 21/04/2010 - 20:01:49 ---A- C:\Documents And Settings\Amidala\Mes documents\avira_antivir_personal_en.exe [44089584]
O61 - LFC:Last File Created 21/04/2010 - 20:18:00 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Messenger\pascale.bonnanfant@laposte.net\SocialNews\WNResponse.xml [42500]
O61 - LFC:Last File Created 21/04/2010 - 20:24:35 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\MessengerCache\2ti5uiYlZK3JcC662FS6+Fit7Fks= [401730]
O61 - LFC:Last File Created 21/04/2010 - 20:25:09 ---A- C:\Documents And Settings\All Users\Application Data\restart.txt [0]
O61 - LFC:Last File Created 21/04/2010 - 20:25:36 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm [284]
O61 - LFC:Last File Created 21/04/2010 - 20:25:36 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@live[1].txt [65]
O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\LogFiles\edb.log [4194304]
O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\contacts.edb [2113536]
O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\dbstore.ini [174]
O61 - LFC:Last File Created 21/04/2010 - 20:25:37 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{c0df01d6-49ea-409f-aa51-2b88709015b4}\DBStore\edb.chk [8192]
O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Messenger\ContactsLog.txt [114776]
O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\LogFiles\edb.log [4194304]
O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\contacts.edb [4210688]
O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\dbstore.ini [174]
O61 - LFC:Last File Created 21/04/2010 - 20:25:38 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Windows Live Contacts\{499cc6d0-eb08-4fb1-9a12-73973449cdd2}\DBStore\edb.chk [8192]
O61 - LFC:Last File Created 21/04/2010 - 20:37:03 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 [898]
O61 - LFC:Last File Created 21/04/2010 - 20:37:03 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 [94]
O61 - LFC:Last File Created 21/04/2010 - 20:37:08 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 [95739]
O61 - LFC:Last File Created 21/04/2010 - 20:37:08 -S-A- C:\Documents And Settings\Amidala\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 [124]
O61 - LFC:Last File Created 21/04/2010 - 20:37:46 ---A- C:\Documents And Settings\Amidala\Local Settings\Application Data\Adobe\Color\ACECache4.lst [8370]
O61 - LFC:Last File Created 21/04/2010 - 20:39:22 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\dd_vcredistMSI2B22.txt [524672]
O61 - LFC:Last File Created 21/04/2010 - 20:39:23 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\dd_vcredistUI2B22.txt [11698]
O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Bureau\Avira AntiVir Control Center.lnk [1716]
O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\AntiVir Help.lnk [1711]
O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\AntiVir on the Internet.lnk [1727]
O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\Display readme.lnk [856]
O61 - LFC:Last File Created 21/04/2010 - 20:41:11 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Avira\AntiVir Desktop\Start AntiVir.lnk [1734]
O61 - LFC:Last File Created 21/04/2010 - 20:41:54 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\JOBS\updjob.avj [1264]
O61 - LFC:Last File Created 21/04/2010 - 20:42:04 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IDX\master.idx [56]
O61 - LFC:Last File Created 21/04/2010 - 20:42:39 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@notifier.avira[2].txt [360]
O61 - LFC:Last File Created 21/04/2010 - 20:43:13 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\Upd-2010-04-21-21-41-55.log [51358]
O61 - LFC:Last File Created 21/04/2010 - 20:43:13 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\5ed6ae15.avl [3094]
O61 - LFC:Last File Created 21/04/2010 - 20:45:22 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@72.233.76[1].txt [83]
O61 - LFC:Last File Created 21/04/2010 - 20:45:24 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@30831.123bounce[1].txt [103]
O61 - LFC:Last File Created 21/04/2010 - 20:45:41 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@ad.zanox[1].txt [120]
O61 - LFC:Last File Created 21/04/2010 - 20:46:59 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.savoirtoutfaire[2].txt [103]
O61 - LFC:Last File Created 21/04/2010 - 20:46:59 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.savoirtoutfaire[3].txt [201]
O61 - LFC:Last File Created 21/04/2010 - 20:48:25 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@linternaute[2].txt [767]
O61 - LFC:Last File Created 21/04/2010 - 20:54:24 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@mesnotices[1].txt [479]
O61 - LFC:Last File Created 21/04/2010 - 20:57:16 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\java-scripts\glob.settings.js [10]
O61 - LFC:Last File Created 21/04/2010 - 20:57:17 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\Preferences\AutoFillDefaults.dat [0]
O61 - LFC:Last File Created 21/04/2010 - 20:57:17 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\Preferences\defaultHeuristics.dat [870]
O61 - LFC:Last File Created 21/04/2010 - 20:57:18 ---A- C:\Documents And Settings\Amidala\Application Data\Adobe\Acrobat\7.0\Collab\RSS [103]
O61 - LFC:Last File Created 21/04/2010 - 20:58:09 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\6c56b525.avl [1702]
O61 - LFC:Last File Created 21/04/2010 - 21:13:27 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\AVSCAN-20100421-214329-814F963B.LOG [18868]
O61 - LFC:Last File Created 21/04/2010 - 21:14:38 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\setup.log [100288]
O61 - LFC:Last File Created 21/04/2010 - 21:28:53 -SHA- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\MSHist012010042120100422\index.dat [49152]
O61 - LFC:Last File Created 21/04/2010 - 21:29:14 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@infos-du-net[2].txt [565]
O61 - LFC:Last File Created 21/04/2010 - 21:34:42 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@google[1].txt [344]
O61 - LFC:Last File Created 21/04/2010 - 21:35:21 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@commentcamarche[2].txt [391]
O61 - LFC:Last File Created 21/04/2010 - 21:39:42 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\MSN Messenger\sqmnoopt01.sqm [284]
O61 - LFC:Last File Created 21/04/2010 - 21:40:10 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\EVENTDB\avevtdb.dbe [8192]
O61 - LFC:Last File Created 21/04/2010 - 21:40:10 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\sched.log [1138]
O61 - LFC:Last File Created 22/04/2010 - 20:18:46 -SHA- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\MSHist012010042220100423\index.dat [32768]
O61 - LFC:Last File Created 22/04/2010 - 21:03:24 ---A- C:\Documents And Settings\Amidala\Bureau\AVSCAN-20100421-214329-814F963B.LOG [18868]
O61 - LFC:Last File Created 22/04/2010 - 21:09:52 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@facebook[2].txt [459]
O61 - LFC:Last File Created 22/04/2010 - 21:10:35 ---A- C:\Documents And Settings\Amidala\Application Data\Microsoft\MSN Messenger\sqmnoopt02.sqm [284]
O61 - LFC:Last File Created 22/04/2010 - 21:10:42 -SHA- C:\Documents And Settings\Amidala\Recent\Desktop.ini [150]
O61 - LFC:Last File Created 22/04/2010 - 21:10:53 -SH-- C:\Documents And Settings\Amidala\ntuser.ini [184]
O61 - LFC:Last File Created 22/04/2010 - 21:11:01 ---A- C:\Documents And Settings\All Users\Application Data\Lavasoft\Ad-Aware\history.aaw [976]
O61 - LFC:Last File Created 22/04/2010 - 21:11:01 ---A- C:\Documents And Settings\All Users\Application Data\Lavasoft\Ad-Aware\settings.aaw [3616]
O61 - LFC:Last File Created 24/04/2010 - 10:29:35 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 24/04/2010 - 10:29:39 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 24/04/2010 - 10:29:40 -SHA- C:\Documents And Settings\Amidala\Local Settings\desktop.ini [62]
O61 - LFC:Last File Created 24/04/2010 - 10:29:53 ---A- C:\Documents And Settings\All Users\Application Data\InstallShield\UpdateService\Database\{4D2778E5-AD01-4e75-A6DA-1D5831514609}.ini [139]
O61 - LFC:Last File Created 24/04/2010 - 10:29:53 ---A- C:\Documents And Settings\All Users\Application Data\Lavasoft\Ad-Aware\logs\Ad-Aware event.log [57855]
O61 - LFC:Last File Created 24/04/2010 - 10:30:48 ---A- C:\Documents And Settings\Amidala\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0]
O61 - LFC:Last File Created 24/04/2010 - 10:32:20 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [32768]
O61 - LFC:Last File Created 24/04/2010 - 10:32:20 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768]
O61 - LFC:Last File Created 24/04/2010 - 10:34:49 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\jusched.log [188799]
O61 - LFC:Last File Created 24/04/2010 - 10:35:01 ---A- C:\Documents And Settings\Amidala\Cookies\index.dat [344064]
O61 - LFC:Last File Created 24/04/2010 - 10:35:01 ---A- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\index.dat [1015808]
O61 - LFC:Last File Created 24/04/2010 - 10:35:03 ---A- C:\Documents And Settings\Amidala\Local Settings\Temp\java_install_reg.log [21456]
O61 - LFC:Last File Created 24/04/2010 - 10:35:20 -SHA- C:\Documents And Settings\Amidala\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [16384]
O61 - LFC:Last File Created 24/04/2010 - 10:35:20 -SHA- C:\Documents And Settings\Amidala\Local Settings\Historique\History.IE5\MSHist012010042420100425\index.dat [32768]
O61 - LFC:Last File Created 24/04/2010 - 10:35:25 ---A- C:\Documents And Settings\Amidala\Application Data\Sun\Java\Deployment\cache\6.0\32\6c34baa0-59311a94.idx [440]
O61 - LFC:Last File Created 24/04/2010 - 10:35:32 ---A- C:\Documents And Settings\Amidala\Application Data\Sun\Java\Deployment\cache\6.0\24\2a20e358-282f493e.idx [441]
O61 - LFC:Last File Created 24/04/2010 - 10:35:45 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@vente-privee[1].txt [109]
O61 - LFC:Last File Created 24/04/2010 - 10:36:14 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@fr.vente-privee[1].txt [253]
O61 - LFC:Last File Created 24/04/2010 - 10:41:46 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@123bounce[2].txt [186]
O61 - LFC:Last File Created 24/04/2010 - 10:43:50 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@zebulon[1].txt [499]
O61 - LFC:Last File Created 24/04/2010 - 10:43:51 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@forum.zebulon[2].txt [389]
O61 - LFC:Last File Created 24/04/2010 - 10:44:08 ---A- C:\Documents And Settings\Amidala\Cookies\amidala@www.zebulon[2].txt [415]
O61 - LFC:Last File Created 24/04/2010 - 10:44:16 ---A- C:\Documents And Settings\Amidala\Application Data\Macromedia\Flash Player\#SharedObjects\DGCEQ78M\cdn5.specificclick.net\img\gu.sol [69]
O61 - LFC:Last File Created 24/04/2010 - 10:46:07 ---A- C:\Documents And Settings\All Users\Bureau\ZHPDiag.lnk [675]
O61 - LFC:Last File Created 24/04/2010 - 10:46:08 ---A- C:\Documents And Settings\All Users\Bureau\ZHPFix.lnk [670]
O61 - LFC:Last File Created 27/05/2002 - 11:22:00 ---A- C:\Documents And Settings\Amidala\Mes documents\Kobian_KM266\Pilotes\P4M266_Sound_170c\_INST32I.EX_ [296674]
---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe - Lavasoft Ad-Aware Service (aawservice) .(.Lavasoft - Ad-Aware Service.) - LEGACY_AAWSERVICE
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe - Adobe LM Service (Adobe LM Service) .(.Adobe Systems - System Level Service Utility.) - LEGACY_ADOBE_LM_SERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\ANIO.sys - ANIO Service (ANIO) .(.Alpha Networks Inc. - ANIO (NT5) Driver.) - LEGACY_ANIO
O64 - Services: CurCS - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe - ANIWZCSd Service (ANIWZCSdService) .(.Wireless Service - ANIWZCS2 Service Launcher.) - LEGACY_ANIWZCSDSERVICE
O64 - Services: CurCS - (.not file.) - AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSCHEDULER
O64 - Services: CurCS - (.not file.) - AntiVir PersonalEdition Classic Guard (AntiVirService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER
O64 - Services: CurCS - C:\WINDOWS\system32\ati2sgag.exe - ATI Smart (ATI Smart) .(.Pas de propriétaire - ATI Smart.) - LEGACY_ATI_SMART
O64 - Services: CurCS - (.not file.) - Center Microsoft (atzvd) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATZVD
O64 - Services: CurCS - C:\WINDOWS\sysTEM32\DRIVERS\avgntdd.sys - avgntdd (avgntdd) .(.Avira GmbH - Avira AntiVir File Filter Driver.) - LEGACY_AVGNTDD
O64 - Services: CurCS - C:\WINDOWS\sysTEM32\drivers\avgntmgr.sys - avgntmgr (avgntmgr) .(.Avira GmbH - Avira AntiVir File Filter Driver Manager.) - LEGACY_AVGNTMGR
O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC
O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - (.not file.) - Monitor Security (monpgllh) .(.Pas de propriétaire - Pas de description.) - LEGACY_MONPGLLH
O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP
O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS
O64 - Services: CurCS - C:\WINDOWS\system32\ntsim.sys - NTSIM (NTSIM) .(.VIA Networking Technologies, Inc. - Network Device Monitor Utility.) - LEGACY_NTSIM
O64 - Services: CurCS - (.not file.) - Shell Security (oxvcozudm) .(.Pas de propriétaire - Pas de description.) - LEGACY_OXVCOZUDM
O64 - Services: CurCS - (.not file.) - PAGEDFRG (PAGEDFRG) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAGEDFRG
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP
O64 - Services: CurCS - C:\Program Files\CyberLink\Shared files\RichVideo.exe - Cyberlink RichVideo Service(CRVS) (RichVideo) .(.Pas de propriétaire - RichVideo Module.) - LEGACY_RICHVIDEO
O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS
O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\YRZEQF.sys - yrzeqf (yrzeqf) .(.Pas de propriétaire - Pas de description.) - LEGACY_YRZEQF
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\YXHMAWJA.sys - yxhmawja (yxhmawja) .(.Pas de propriétaire - Pas de description.) - LEGACY_YXHMAWJA
---\\ Liste des fichiers non signés (LUF) (O65)
O65 - LUF:22/01/2008 (.Pas de propriétaire - ATI Smart.) (5.13.0027) - c:\windows\system32\ati2sgag.exe
O65 - LUF:27/10/2005 (.Pas de propriétaire - JJAKEn Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\JJAKEn.dll
O65 - LUF:11/09/2008 (.Pas de propriétaire - WlanApp Dynamic Link Library.) (1, 1, 9, 911) - c:\windows\system32\wlanapp.dll
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <Avant Browser> <Avant Browser>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe
O68 - StartMenuInternet: <avant.exe> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK
End of the scan (984 lines in 27mn 05s)
--------------------------------------------------------------------------------------------------------------------
Avira AntiVir Personal
Report file date: mercredi 21 avril 2010 21:43
Scanning for 2026905 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : Amidala
Computer name : STAR-B163D8EDF5
Version information:
BUILD.DAT : 10.0.0.565 32097 Bytes 12/04/2010 16:29:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01/04/2010 11:37:38
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 11:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 07/03/2010 17:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19/11/2009 18:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20/01/2010 16:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26/01/2010 15:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05/03/2010 10:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15/04/2010 19:42:14
VBASE006.VDF : 7.10.6.83 2048 Bytes 15/04/2010 19:42:14
VBASE007.VDF : 7.10.6.84 2048 Bytes 15/04/2010 19:42:14
VBASE008.VDF : 7.10.6.85 2048 Bytes 15/04/2010 19:42:14
VBASE009.VDF : 7.10.6.86 2048 Bytes 15/04/2010 19:42:15
VBASE010.VDF : 7.10.6.87 2048 Bytes 15/04/2010 19:42:15
VBASE011.VDF : 7.10.6.88 2048 Bytes 15/04/2010 19:42:15
VBASE012.VDF : 7.10.6.89 2048 Bytes 15/04/2010 19:42:15
VBASE013.VDF : 7.10.6.90 2048 Bytes 15/04/2010 19:42:15
VBASE014.VDF : 7.10.6.123 126464 Bytes 19/04/2010 19:42:16
VBASE015.VDF : 7.10.6.152 123392 Bytes 21/04/2010 19:42:16
VBASE016.VDF : 7.10.6.153 2048 Bytes 21/04/2010 19:42:16
VBASE017.VDF : 7.10.6.154 2048 Bytes 21/04/2010 19:42:16
VBASE018.VDF : 7.10.6.155 2048 Bytes 21/04/2010 19:42:17
VBASE019.VDF : 7.10.6.156 2048 Bytes 21/04/2010 19:42:17
VBASE020.VDF : 7.10.6.157 2048 Bytes 21/04/2010 19:42:17
VBASE021.VDF : 7.10.6.158 2048 Bytes 21/04/2010 19:42:17
VBASE022.VDF : 7.10.6.159 2048 Bytes 21/04/2010 19:42:17
VBASE023.VDF : 7.10.6.160 2048 Bytes 21/04/2010 19:42:17
VBASE024.VDF : 7.10.6.161 2048 Bytes 21/04/2010 19:42:17
VBASE025.VDF : 7.10.6.162 2048 Bytes 21/04/2010 19:42:17
VBASE026.VDF : 7.10.6.163 2048 Bytes 21/04/2010 19:42:17
VBASE027.VDF : 7.10.6.164 2048 Bytes 21/04/2010 19:42:17
VBASE028.VDF : 7.10.6.165 2048 Bytes 21/04/2010 19:42:17
VBASE029.VDF : 7.10.6.166 2048 Bytes 21/04/2010 19:42:17
VBASE030.VDF : 7.10.6.167 2048 Bytes 21/04/2010 19:42:17
VBASE031.VDF : 7.10.6.169 58368 Bytes 21/04/2010 19:42:18
Engineversion : 8.2.1.220
AEVDF.DLL : 8.1.1.3 106868 Bytes 13/02/2010 11:16:21
AESCRIPT.DLL : 8.1.3.26 1286521 Bytes 21/04/2010 19:42:26
AESCN.DLL : 8.1.5.0 127347 Bytes 25/02/2010 17:38:41
AESBX.DLL : 8.1.2.1 254323 Bytes 17/03/2010 10:09:47
AERDL.DLL : 8.1.4.6 541043 Bytes 21/04/2010 19:42:25
AEPACK.DLL : 8.2.1.1 426358 Bytes 19/03/2010 11:34:51
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 17/03/2010 10:09:46
AEHEUR.DLL : 8.1.1.24 2613623 Bytes 21/04/2010 19:42:24
AEHELP.DLL : 8.1.11.3 242039 Bytes 01/04/2010 15:05:25
AEGEN.DLL : 8.1.3.7 373106 Bytes 21/04/2010 19:42:19
AEEMU.DLL : 8.1.1.0 393587 Bytes 10/11/2009 08:04:22
AECORE.DLL : 8.1.13.1 188790 Bytes 01/04/2010 15:05:25
AEBB.DLL : 8.1.0.3 53618 Bytes 10/09/2009 11:15:06
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14/01/2010 11:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14/01/2010 11:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18/02/2010 15:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01/04/2010 11:35:46
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01/04/2010 11:39:51
AVARKT.DLL : 10.0.0.14 227176 Bytes 01/04/2010 11:22:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26/01/2010 08:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28/01/2010 11:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16/03/2010 14:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19/02/2010 13:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 12:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 09/04/2010 13:14:29
Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: mercredi 21 avril 2010 21:43
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avnotify.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'CRSSupervisor.exe' - '1' Module(s) have been scanned
Scan process 'MagicKey.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'MediaDetect.exe' - '1' Module(s) have been scanned
Scan process 'WZCSLDR2.exe' - '1' Module(s) have been scanned
Scan process 'AirPlusCFG.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'RunDll32.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Starting to scan executable files (registry).
C:\Documents and Settings\Amidala\Menu Démarrer\Programmes\Démarrage\monxga32.exe
[WARNING] The file could not be opened!
The registry was scanned ( '485' files ).
End of the scan: mercredi 21 avril 2010 21:58
Used time: 14:17 Minute(s)
The scan has been done completely.
0 Scanned directories
964 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
963 Files not concerned
3 Archives were scanned
1 Warnings
0 Notes