babdou


  1. Good evening; the situation has improved. Thank you, and good luck.
  2. Hello; attached is the OTL report, CJoint.com link BAjoiHg9wbL. As for the antivirus and the firewall, I am installing them and will keep you posted. Thank you for your availability. Have a good day.
  3. Good evening, attached are the OTL reports (CJoint.com link 3Aiv1ABMs30 and CJoint.com link BAiv2DOeK0H) and the report from the ComboFix analysis. Thank you very much.
PS: after removing F-Secure the PC responds noticeably better!
  4. Good evening, I could not completely disable my antivirus; the real-time scan checkbox is greyed out. Here are the 2 reports:
22:32:41.0859 0552 Null - ok 22:32:42.0140 0552 nv (ba1b732c1a70cfea0c1b64f2850bf44f) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 22:32:42.0265 0552 nv - ok 22:32:42.0437 0552 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 22:32:42.0453 0552 NwlnkFlt - ok 22:32:42.0625 0552 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 22:32:42.0625 0552 NwlnkFwd - ok 22:32:42.0781 0552 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys 22:32:42.0796 0552 Parport - ok 22:32:42.0937 0552 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 22:32:42.0937 0552 PartMgr - ok 22:32:43.0046 0552 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 22:32:43.0062 0552 ParVdm - ok 22:32:43.0203 0552 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 22:32:43.0218 0552 PCI - ok 22:32:43.0343 0552 PCIDump - ok 22:32:43.0453 0552 PCIIde - ok 22:32:43.0609 0552 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 22:32:43.0625 0552 Pcmcia - ok 22:32:43.0781 0552 PDCOMP - ok 22:32:43.0906 0552 PDFRAME - ok 22:32:44.0046 0552 PDRELI - ok 22:32:44.0187 0552 PDRFRAME - ok 22:32:44.0312 0552 perc2 - ok 22:32:44.0453 0552 perc2hib - ok 22:32:44.0796 0552 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:32:44.0812 0552 PptpMiniport - ok 22:32:44.0984 0552 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 22:32:45.0000 0552 PSched - ok 22:32:45.0140 0552 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:32:45.0140 0552 Ptilink - ok 22:32:45.0265 0552 QCMerced - ok 22:32:45.0390 0552 ql1080 - ok 22:32:45.0500 0552 Ql10wnt - ok 22:32:45.0656 0552 ql12160 - ok 22:32:45.0781 0552 ql1240 - ok 22:32:45.0890 0552 ql1280 - ok 22:32:46.0046 0552 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) 
C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:32:46.0046 0552 RasAcd - ok 22:32:46.0218 0552 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:32:46.0234 0552 Rasl2tp - ok 22:32:46.0390 0552 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:32:46.0406 0552 RasPppoe - ok 22:32:46.0531 0552 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 22:32:46.0546 0552 Raspti - ok 22:32:46.0671 0552 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:32:46.0687 0552 RDPCDD - ok 22:32:46.0843 0552 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:32:46.0859 0552 rdpdr - ok 22:32:47.0031 0552 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 22:32:47.0046 0552 RDPWD - ok 22:32:47.0234 0552 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 22:32:47.0234 0552 redbook - ok 22:32:47.0562 0552 RimSerPort (b177927edfb8fb8da62ee1dfbcefde54) C:\WINDOWS\system32\DRIVERS\RimSerial.sys 22:32:47.0578 0552 RimSerPort - ok 22:32:47.0703 0552 RimUsb - ok 22:32:47.0859 0552 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys 22:32:47.0859 0552 ROOTMODEM - ok 22:32:48.0109 0552 RT73 (c7bcf9808e2a1b4cabe16ff7fbce5fab) C:\WINDOWS\system32\DRIVERS\Dr71WU.sys 22:32:48.0140 0552 RT73 - ok 22:32:48.0328 0552 s117bus (1f561844318914e7eb6e54673a4cc54c) C:\WINDOWS\system32\DRIVERS\s117bus.sys 22:32:48.0328 0552 s117bus - ok 22:32:48.0484 0552 s117mdfl (ba93eec3cdf6a63b77ae66221aa4f902) C:\WINDOWS\system32\DRIVERS\s117mdfl.sys 22:32:48.0500 0552 s117mdfl - ok 22:32:48.0640 0552 s117mdm (cba12fd8a8ee5b5cdfbbae2381cd6703) C:\WINDOWS\system32\DRIVERS\s117mdm.sys 22:32:48.0640 0552 s117mdm - ok 22:32:48.0828 0552 s117mgmt (bd6483e64b1da17e812b34bcdefd9459) C:\WINDOWS\system32\DRIVERS\s117mgmt.sys 22:32:48.0843 0552 s117mgmt - ok 22:32:49.0015 0552 s117nd5 
(c7ca36c3054b4cd47a1f6611b046e2f9) C:\WINDOWS\system32\DRIVERS\s117nd5.sys 22:32:49.0031 0552 s117nd5 - ok 22:32:49.0187 0552 s117obex (e290b3a6b58fb72ca97dd48d64e4fc1c) C:\WINDOWS\system32\DRIVERS\s117obex.sys 22:32:49.0187 0552 s117obex - ok 22:32:49.0359 0552 s117unic (5c4d1ba23c7511ac880e8ba7baa80dba) C:\WINDOWS\system32\DRIVERS\s117unic.sys 22:32:49.0375 0552 s117unic - ok 22:32:49.0656 0552 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 22:32:49.0656 0552 Secdrv - ok 22:32:49.0859 0552 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 22:32:49.0875 0552 serenum - ok 22:32:50.0015 0552 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys 22:32:50.0031 0552 Serial - ok 22:32:50.0281 0552 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 22:32:50.0296 0552 Sfloppy - ok 22:32:50.0468 0552 Simbad - ok 22:32:50.0656 0552 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 22:32:50.0671 0552 SLIP - ok 22:32:50.0843 0552 smwdm (f1b8248d5d7e151b8934cdef4424fb6e) C:\WINDOWS\system32\drivers\smwdm.sys 22:32:50.0875 0552 smwdm - ok 22:32:51.0062 0552 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 22:32:51.0062 0552 SONYPVU1 - ok 22:32:51.0187 0552 Sparrow - ok 22:32:51.0343 0552 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 22:32:51.0359 0552 splitter - ok 22:32:51.0531 0552 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 22:32:51.0531 0552 sr - ok 22:32:51.0734 0552 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 22:32:51.0750 0552 Srv - ok 22:32:51.0968 0552 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 22:32:51.0968 0552 streamip - ok 22:32:52.0125 0552 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 22:32:52.0140 0552 
swenum - ok 22:32:52.0281 0552 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 22:32:52.0296 0552 swmidi - ok 22:32:52.0468 0552 symc810 - ok 22:32:52.0593 0552 symc8xx - ok 22:32:52.0734 0552 sym_hi - ok 22:32:52.0859 0552 sym_u3 - ok 22:32:53.0000 0552 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 22:32:53.0015 0552 sysaudio - ok 22:32:53.0218 0552 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:32:53.0234 0552 Tcpip - ok 22:32:53.0375 0552 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 22:32:53.0390 0552 TDPIPE - ok 22:32:53.0531 0552 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 22:32:53.0531 0552 TDTCP - ok 22:32:53.0718 0552 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 22:32:53.0718 0552 TermDD - ok 22:32:53.0937 0552 TosIde - ok 22:32:54.0171 0552 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 22:32:54.0171 0552 Udfs - ok 22:32:54.0281 0552 ultra - ok 22:32:54.0468 0552 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 22:32:54.0484 0552 Update - ok 22:32:54.0718 0552 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 22:32:54.0718 0552 usbaudio - ok 22:32:54.0890 0552 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 22:32:54.0890 0552 usbccgp - ok 22:32:55.0015 0552 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 22:32:55.0031 0552 usbehci - ok 22:32:55.0187 0552 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 22:32:55.0187 0552 usbhub - ok 22:32:55.0328 0552 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 22:32:55.0343 0552 usbohci - ok 22:32:55.0531 0552 usbprint (a717c8721046828520c9edf31288fc00) 
C:\WINDOWS\system32\DRIVERS\usbprint.sys 22:32:55.0546 0552 usbprint - ok 22:32:55.0718 0552 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 22:32:55.0734 0552 USBSTOR - ok 22:32:55.0906 0552 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 22:32:55.0921 0552 usbvideo - ok 22:32:56.0093 0552 VComm (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys 22:32:56.0093 0552 VComm - ok 22:32:56.0250 0552 VcommMgr (630bbdbf5490f8f57abe650da63661a0) C:\WINDOWS\system32\Drivers\VcommMgr.sys 22:32:56.0265 0552 VcommMgr - ok 22:32:56.0406 0552 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 22:32:56.0421 0552 VgaSave - ok 22:32:56.0531 0552 ViaIde - ok 22:32:56.0687 0552 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 22:32:56.0687 0552 VolSnap - ok 22:32:56.0921 0552 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:32:56.0937 0552 Wanarp - ok 22:32:57.0046 0552 WDICA - ok 22:32:57.0203 0552 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 22:32:57.0203 0552 wdmaud - ok 22:32:57.0796 0552 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys 22:32:57.0812 0552 WpdUsb - ok 22:32:57.0968 0552 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 22:32:57.0984 0552 WS2IFSL - ok 22:32:58.0171 0552 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 22:32:58.0187 0552 WSTCODEC - ok 22:32:58.0546 0552 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0 22:32:58.0718 0552 \Device\Harddisk0\DR0 - ok 22:32:58.0765 0552 Boot (0x1200) (8128a57d087d30e5c26068238e531d9d) \Device\Harddisk0\DR0\Partition0 22:32:58.0765 0552 \Device\Harddisk0\DR0\Partition0 - ok 22:32:58.0781 0552 ============================================================ 22:32:58.0781 0552 Scan 
finished 22:32:58.0781 0552 ============================================================ 22:32:58.0859 0532 Detected object count: 0 22:32:58.0859 0532 Actual detected object count: 0 Merci encore et bonne nuit.
  5. Hello, attached is the report: http://cjoint.com/?BAfi40UmEdH I am working in safe mode; I will go back to normal mode to see, and will keep you posted. Thanks. Edit: No improvement, I am going back to safe mode.
  6. Good evening, and happy new year to you too. Sorry about the first reply; it is difficult for me to use my PC, which is crawling. The reply shortcuts do not appear. I have downloaded the software; I will post the report once the diagnostic has been run. Once again, thank you for taking this on. It is impossible to work in normal mode, so I am switching to safe mode, which is faster; is that not a problem? Attached is the report, and thanks again. CJoint.com link BAexqIqFOk2
  7. Good evening, My PC has become very, very slow. Opening files or running programs is sometimes impossible. Even opening folders takes time, and sometimes it freezes completely. I have F-Secure as antivirus, which detected nothing. I ran CCleaner, and it is still just as slow. I would like some help, please. Thank you very much.
  8. Sorry for the quote, and thank you for your assistance. The Kaspersky Virus Removal Tool Download link does not work; it gives "server not found". Thanks in advance for another link.
  9. Nobody to come to my aid? Thanks for any possible assistance. Attached is the MBAM report:

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org
     Version de la base de données: 4436
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 6.0.2900.5512
     16/08/2010 22:22:40
     mbam-log-2010-08-16 (22-22-40).txt
     Type d'examen: Examen rapide
     Elément(s) analysé(s): 124897
     Temps écoulé: 4 minute(s), 40 seconde(s)
     Processus mémoire infecté(s): 1
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 1
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 3
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 1

     Processus mémoire infecté(s):
     C:\WINDOWS\Temp\winubwuob.exe (Trojan.Downloader) -> Unloaded process successfully.

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amsint32 (Virus.Sality) -> Quarantined and deleted successfully.

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)

     Fichier(s) infecté(s):
     C:\WINDOWS\Temp\winubwuob.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
  10. I had already started the topic and, following an internet problem, I was stuck. A friend's PC is heavily infected: it is impossible to install F-Secure or to launch CCleaner, which closes immediately, and it is not possible to boot into safe mode. Malwarebytes detects 2 infections, removes them, and once a new scan is launched there are still 2 infections, with different names. Thank you for your assistance.
  11. The ZHPDiag report
[HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\BackWeb] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\DivXNetworks] [HKCU\Software\ESET] [HKCU\Software\F-Secure] [HKCU\Software\FRANCE TELECOM] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\KasperskyLab] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Marie Zim914] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\Nikon] [HKCU\Software\Novell] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Quanta] [HKCU\Software\Realtek] [HKCU\Software\SOFTWIN] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Smallfrogs Studio] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\Trolltech] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKLM\Software\ATI Technologies] [HKLM\Software\Acer Inc.] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\Analog Devices] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\ArcSoft] [HKLM\Software\C07ft5Y] [HKLM\Software\CXT] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Data Fellows] [HKLM\Software\ESET] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\INTEL] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Mindscape] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Neuf] [HKLM\Software\NewTech Infosystems] [HKLM\Software\Nikon] [HKLM\Software\ODBC] [HKLM\Software\OldTimer Tools] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Quanta] [HKLM\Software\Realtek Semiconductor Corp.] 
[HKLM\Software\Realtek] [HKLM\Software\SAGEM] [HKLM\Software\SOFTWIN] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\Swearware] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\ToniArts] [HKLM\Software\VideoLAN] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\muvee Technologies] [HKLM\Software\nSplitter] [HKLM\Software\pixology] ---\\ Contenu des dossiers Program Files (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory ----D- C:\Program Files\MSN O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne O43 - CFD:Common File Directory ----D- C:\Program Files\WindowsUpdate O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage O43 - CFD:Common File Directory ----D- C:\Program Files\xerox O43 - CFD:Common File Directory ----D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Intel O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek O43 - CFD:Common File Directory ----D- C:\Program Files\CONEXANT O43 - CFD:Common File Directory ----D- 
C:\Program Files\Synaptics O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Inc O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Acer O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems O43 - CFD:Common File Directory ----D- C:\Program Files\Launch Manager O43 - CFD:Common File Directory ----D- C:\Program Files\WinPCap O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD:Common File Directory ----D- C:\Program Files\Snapshot Viewer O43 - CFD:Common File Directory ----D- C:\Program Files\Securitoo O43 - CFD:Common File Directory ----D- C:\Program Files\Wanadoo O43 - CFD:Common File Directory ----D- C:\Program Files\AntivirusFirewall O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0 O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime O43 - CFD:Common File Directory ----D- C:\Program Files\Nikon O43 - CFD:Common File Directory ----D- C:\Program Files\Neuf O43 - CFD:Common File Directory ----D- C:\Program Files\Softwin O43 - CFD:Common File Directory ----D- C:\Program Files\SAGEM O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR O43 - CFD:Common File Directory ----D- C:\Program Files\Mindscape O43 - CFD:Common File Directory ----D- C:\Program Files\F-Secure O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File 
Directory ----D- C:\Program Files\ToniArts O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\NewTech Infosystems O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\muvee Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nikon O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Softwin O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\PC Tools O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 16/07/2010 - 13:34:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1477586] O44 - LFC:[MD5.E6D35F3AA51A65EB35C1F2340154A25E] - 16/07/2010 - 01:08:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\drivers\kobgjel.sys [54016] O44 - LFC:[MD5.B47C16EE3E0764BFE382EAB1646C8F92] - 16/07/2010 - 00:54:30 ---A- . 
(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [263] O44 - LFC:[MD5.488FB40715F28C2693195B517FB96295] - 16/07/2010 - 00:54:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [698] O44 - LFC:[MD5.574C94EED8119C6860546294753EC938] - 16/07/2010 - 00:54:30 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [216] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/07/2010 - 00:32:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.A8C9500788F33E7F068156B2AF3C33C2] - 16/07/2010 - 00:32:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt [4562] O44 - LFC:[MD5.00000000000000000000000000000000] - 16/07/2010 - 00:32:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/07/2010 - 00:32:22 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.00000000000000000000000000000000] - 16/07/2010 - 00:31:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32532] O44 - LFC:[MD5.00000000000000000000000000000000] - 16/07/2010 - 00:31:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.E4FDD4BF281912BA16F13DF2464715B0] - 15/07/2010 - 23:55:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY2.zhp [279598] O44 - LFC:[MD5.A09C8645F21800E2F2636D18C5D7A3C4] - 15/07/2010 - 23:55:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY1.zhp [282158] O44 - LFC:[MD5.788F435953DEA78B251291B5EFA301CC] - 15/07/2010 - 23:54:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY0.zhp [284736] O44 - LFC:[MD5.CC4FD0017A06BFAFD9A4122ADF4781D3] - 15/07/2010 - 21:33:02 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\setupapi.log [1154] O44 - LFC:[MD5.7F995AE70B3644983B46A17E717E8750] - 15/07/2010 - 20:21:46 ---A- . (.Oracle - Java Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728] O44 - LFC:[MD5.FB194CB73E3486ADF461201E1BC1A2E8] - 15/07/2010 - 20:21:46 ---A- . (.Oracle - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184] O44 - LFC:[MD5.7D19D8FE3B8301E77CFD93A300DDC8FB] - 15/07/2010 - 20:21:46 ---A- . (.Oracle - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184] O44 - LFC:[MD5.F59308C816904D13FA6BE88DAE4D2CED] - 15/07/2010 - 20:21:46 ---A- . (.Oracle - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376] O44 - LFC:[MD5.63ED3E0307641E1EA0D2A52EA74A8F18] - 15/07/2010 - 20:21:44 ---A- . (.Oracle - Java Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [423656] O44 - LFC:[MD5.C43BCC611756767C7514C446448A34EC] - 15/07/2010 - 19:56:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1078956] O44 - LFC:[MD5.ED5F1A16CA83B9E22BC0EE92E45E844E] - 15/07/2010 - 19:56:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [71718] O44 - LFC:[MD5.1D43375AACAC9DDA309C102AFBA2167F] - 15/07/2010 - 19:56:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [82870] O44 - LFC:[MD5.52B30877AB4915946480BE184BB5EF78] - 15/07/2010 - 19:56:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [424246] O44 - LFC:[MD5.D83229E3C24AAE54D81C345D82BB6E4B] - 15/07/2010 - 19:56:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [489442] O44 - LFC:[MD5.67468D982375D86B511C269E33262FE2] - 15/07/2010 - 19:05:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPExportRegistry-15-07-2010-20-05-51.txt [426496] O44 - LFC:[MD5.9D1177C2A8DE936B33D85FF75E8CBF1A] - 15/07/2010 - 17:30:54 ---A- . 
(.OSA Technologies, An Avocent Company - OSA I/O Port Driver.) -- C:\WINDOWS\System32\drivers\osaio.sys [7296] O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 14/07/2010 - 20:03:09 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 14/07/2010 - 20:03:08 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952] O44 - LFC:[MD5.3F0AE731DDA7B0AE74D2D06B69E2E49B] - 14/07/2010 - 15:29:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\BDTSupport.dll.old [767952] O44 - LFC:[MD5.3B098A9107F8ECFC99428D69308E17D4] - 14/07/2010 - 15:29:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PCTBDCore.dll.old [1652688] O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 14/07/2010 - 15:09:51 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232] O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 14/07/2010 - 15:09:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 14/07/2010 - 15:09:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [256512] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 14/07/2010 - 15:09:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 14/07/2010 - 15:09:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 14/07/2010 - 15:09:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096] O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 14/07/2010 - 15:09:51 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792] O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 14/07/2010 - 15:09:51 ---A- . 
(.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704] O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 14/07/2010 - 15:09:51 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 13/07/2010 - 21:05:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\fa.log [0] O44 - LFC:[MD5.01D224B2EEE63273A4DC0A909D3B1672] - 13/07/2010 - 18:34:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [1158] O44 - LFC:[MD5.5C174F8108BAB900D3AB1DF1A29A58E5] - 13/07/2010 - 18:34:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\spupdwxp.log [90] O44 - LFC:[MD5.BA5ADD02CD914BA4998DC446FDEC75B5] - 13/07/2010 - 18:33:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [295664] O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 13/07/2010 - 18:12:12 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\ntldr [252240] O44 - LFC:[MD5.D14C3F91738B78AE0F5005E6F54D7B95] - 13/07/2010 - 02:03:26 ---A- . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\System32\TZLog.log [125832] ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:Last File Created Prefetch 15/07/2010 - 19:55:54 ---A- C:\WINDOWS\Prefetch\ILAUNCHR.EXE-2FAF9737.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 19:56:00 ---A- C:\WINDOWS\Prefetch\QKLEZ.EXE-024E9222.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 19:56:02 ---A- C:\WINDOWS\Prefetch\ILWRAP.EXE-051EC7EE.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 19:56:08 ---A- C:\WINDOWS\Prefetch\FSSETUP.EXE-07A4F543.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 19:56:10 ---A- C:\WINDOWS\Prefetch\SETUP.EXE-02717ECA.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 20:49:34 ---A- C:\WINDOWS\Prefetch\FSUNINST.EXE-295C0C42.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 22:15:12 ---A- C:\WINDOWS\Prefetch\WINIQXY.EXE-0262B97E.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 22:50:28 ---A- C:\WINDOWS\Prefetch\WINIKTNPA.EXE-301E70B2.pf O45 - LFCP:Last File Created Prefetch 15/07/2010 - 23:18:54 ---A- C:\WINDOWS\Prefetch\FSM32.EXE-374135F6.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:12:34 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-06144C13.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:13:14 ---A- C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:13:16 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:19:16 ---A- C:\WINDOWS\Prefetch\IGFXSRVC.EXE-1D88F978.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:22:28 ---A- C:\WINDOWS\Prefetch\CCSETUP233.EXE-0FD04636.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:23:58 ---A- C:\WINDOWS\Prefetch\WINWORD.EXE-23347E4F.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:24:06 ---A- C:\WINDOWS\Prefetch\AGENTSVR.EXE-260B72BD.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:28:48 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf O45 - LFCP:Last File 
Created Prefetch 16/07/2010 - 00:33:58 ---A- C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:33:58 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:34:32 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:35:46 ---A- C:\WINDOWS\Prefetch\WINMUHMY.EXE-24F0B6EA.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:38:40 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 00:51:54 ---A- C:\WINDOWS\Prefetch\MSCONFIG.EXE-1EF1EA0F.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:01:46 ---A- C:\WINDOWS\Prefetch\CHKDSK.EXE-0C6DCB55.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:07:18 ---A- C:\WINDOWS\Prefetch\MBAM.EXE-0D37CDF0.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:10:54 ---A- C:\WINDOWS\Prefetch\WINQPTT.EXE-2BAC2279.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:45:52 ---A- C:\WINDOWS\Prefetch\WINAYQXYI.EXE-3858BD95.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:47:06 ---A- C:\WINDOWS\Prefetch\TELNET.EXE-151A63B2.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:49:08 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:52:12 ---A- C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:52:22 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 01:52:22 ---A- C:\WINDOWS\Prefetch\DFRGFAT.EXE-22605FE5.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 02:20:58 ---A- C:\WINDOWS\Prefetch\WINXVBS.EXE-00430727.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 02:56:06 ---A- C:\WINDOWS\Prefetch\WINFYOTWW.EXE-0617BFE7.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 03:31:12 ---A- C:\WINDOWS\Prefetch\WINCUIHQ.EXE-2A6B62DA.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 
04:06:18 ---A- C:\WINDOWS\Prefetch\WINRJNA.EXE-02626E23.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 04:41:28 ---A- C:\WINDOWS\Prefetch\WINFKFIJ.EXE-079B4A10.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 07:47:04 ---A- C:\WINDOWS\Prefetch\SSSTARS.SCR-3464C062.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:28:44 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:33:04 ---A- C:\WINDOWS\Prefetch\SRE3E21A78F.EXE-0752433F.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:33:08 ---A- C:\WINDOWS\Prefetch\WINRAR.EXE-0AA31BB9.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:33:10 ---A- C:\WINDOWS\Prefetch\SRENGLDR.EXE-099F1830.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:33:56 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:34:10 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:37:48 ---A- C:\WINDOWS\Prefetch\ZHPFIX.EXE-29819034.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:38:30 ---A- C:\WINDOWS\Prefetch\ZHPDIAG 1.26.EXE-322C237F.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:38:30 ---A- C:\WINDOWS\Prefetch\ZHPDIAG 1.26.TMP-10623BCA.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 13:38:40 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25C13877.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:16:36 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-0AF2BF67.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:16:36 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\ATI2EVXX.EXE-07A42849.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\CLCAPSVC.EXE-0EF512D9.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\CLMLSERVER.EXE-330DEB4A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 
23:21:42 ---A- C:\WINDOWS\Prefetch\CLMLSERVICE.EXE-34FB33E7.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\CSRSS.EXE-22452D1B.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\EPM-DM.EXE-3472C0E6.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\EVTENG.EXE-38C1434A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\FXSSVC.EXE-140862E7.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\JQS.EXE-31B60334.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\JUSCHED.EXE-0E6FA1F7.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\LSASS.EXE-306A65C3.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\S24EVMON.EXE-2EB33684.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\SERVICES.EXE-3019B50A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\SPOOLSV.EXE-3A613CE3.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\WINLOGON.EXE-0957F9B2.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:21:42 ---A- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-02740A4B.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:23:48 ---A- C:\WINDOWS\Prefetch\SPYBOTSD162.EXE-272E4FED.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:23:48 ---A- C:\WINDOWS\Prefetch\SPYBOTSD162.TMP-1F825F8A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:24:18 ---A- C:\WINDOWS\Prefetch\WINXHSCAV.EXE-02ABDEBE.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:25:00 
---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-66741906.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:26:16 ---A- C:\WINDOWS\Prefetch\JAVAW.EXE-392A4E93.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:26:18 ---A- C:\WINDOWS\Prefetch\JAUCHECK.EXE-04217FEF.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:26:18 ---A- C:\WINDOWS\Prefetch\JAVAWS.EXE-078C20EA.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:36:16 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:38:04 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-6DF739B2.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:38:24 ---A- C:\WINDOWS\Prefetch\KAVUNINSTALL.EXE-1B39A362.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:40:50 ---A- C:\WINDOWS\Prefetch\UNINST.EXE-1B32283A.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:40:56 ---A- C:\WINDOWS\Prefetch\AU_.EXE-267FEED6.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:53:40 ---A- C:\WINDOWS\Prefetch\MMC.EXE-5964E59B.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:54:26 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D93DA3E.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:54:26 ---A- C:\WINDOWS\Prefetch\SET6.TMP-207CACC9.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:54:28 ---A- C:\WINDOWS\Prefetch\IKERNEL.EXE-1DD5E349.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:54:36 ---A- C:\WINDOWS\Prefetch\SET7.TMP-2E8230E9.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:54:38 ---A- C:\WINDOWS\Prefetch\UNINST32.EXE-0578C3C3.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:54:48 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:55:02 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4D394621.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:55:04 ---A- C:\WINDOWS\Prefetch\SET9.TMP-081AB654.pf O45 - LFCP:Last File Created Prefetch 16/07/2010 - 23:55:14 ---A- 
C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.63298 [8704] O61 - LFC:Last File Created 15/07/2010 - 14:50:20 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-07-15 (15-50-19).txt [1141] O61 - LFC:Last File Created 15/07/2010 - 19:06:50 ---A- C:\Documents And Settings\Marie Zim\Bureau\TFC.exe [507904] O61 - LFC:Last File Created 15/07/2010 - 19:29:12 -SH-- C:\Documents And Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 15/07/2010 - 19:29:30 -SH-- C:\Documents And Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 15/07/2010 - 19:31:20 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\apub2 [442] O61 - LFC:Last File Created 15/07/2010 - 19:31:20 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\apub3 [442] O61 - LFC:Last File Created 15/07/2010 - 19:31:30 ---A- C:\Documents And Settings\All Users\Application Data\fssg\3124.3128.log [383] O61 - LFC:Last File Created 15/07/2010 - 19:43:32 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\MSI52237.LOG [762] O61 - LFC:Last File Created 15/07/2010 - 19:55:58 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\apub4 [442] O61 - LFC:Last File Created 15/07/2010 - 19:55:58 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\apub5 [442] O61 - LFC:Last File Created 15/07/2010 - 19:56:10 ---A- C:\Documents And Settings\All Users\Application Data\fssg\3100.960.log [382] O61 - LFC:Last File Created 15/07/2010 - 19:57:18 ---A- C:\Documents And Settings\All Users\Application Data\F-Secure\Logs\ilaunchr.log [26907] O61 - LFC:Last File Created 15/07/2010 - 20:01:54 ---A- C:\Documents And Settings\Marie Zim\Favoris\Virus surabaya.url [317] O61 - LFC:Last File Created 15/07/2010 - 20:05:36 ---A- C:\Documents And Settings\Marie 
Zim\Local Settings\Temp\MSI693b7.LOG [450] O61 - LFC:Last File Created 15/07/2010 - 20:16:18 -S-A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7 [1310] O61 - LFC:Last File Created 15/07/2010 - 20:16:18 -S-A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\CryptnetUrlCache\Content\E8974A4669383843486E5AFDB09650F5 [2249] O61 - LFC:Last File Created 15/07/2010 - 20:16:18 -S-A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7 [100] O61 - LFC:Last File Created 15/07/2010 - 20:16:18 -S-A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\CryptnetUrlCache\MetaData\E8974A4669383843486E5AFDB09650F5 [124] O61 - LFC:Last File Created 15/07/2010 - 20:17:12 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\jinstall.cfg [1217] O61 - LFC:Last File Created 15/07/2010 - 20:17:20 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\jre1.6.0_21\OpenOffice_banner.jpg [80266] O61 - LFC:Last File Created 15/07/2010 - 20:21:28 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\15365c.mst [9320448] O61 - LFC:Last File Created 15/07/2010 - 20:21:32 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.42832 [82] O61 - LFC:Last File Created 15/07/2010 - 20:21:32 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.42832 [8704] O61 - LFC:Last File Created 15/07/2010 - 20:21:34 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\java_install_sp.log [1851] O61 - LFC:Last File Created 15/07/2010 - 20:21:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-07-15 (21-21-34).txt [1166] O61 - LFC:Last File Created 15/07/2010 - 20:21:52 ---A- C:\Documents And Settings\Marie Zim\Local 
Settings\Temp\java_install.log [28503] O61 - LFC:Last File Created 15/07/2010 - 20:21:54 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\java_install_reg.log [2472] O61 - LFC:Last File Created 15/07/2010 - 20:21:58 -S-A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\Crypto\RSA\S-1-5-21-2235314599-977017156-3776555427-1006\83aa4cc77f591dfc2374580bbd95f6ba_81aa8187-704c-4b07-8d66-97a509fe9819 [45] O61 - LFC:Last File Created 15/07/2010 - 20:21:58 -SHA- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\Protect\S-1-5-21-2235314599-977017156-3776555427-1006\2a11e38e-e9f8-439e-9d9d-54a4cdb3bdec [388] O61 - LFC:Last File Created 15/07/2010 - 20:21:58 -SHA- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\Protect\S-1-5-21-2235314599-977017156-3776555427-1006\Preferred [24] O61 - LFC:Last File Created 15/07/2010 - 20:22:06 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4a86507c [3029] O61 - LFC:Last File Created 15/07/2010 - 20:22:06 -S-A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\Crypto\RSA\S-1-5-21-2235314599-977017156-3776555427-1006\6b29ae44e85efac3c72ff4d1865d73f1_81aa8187-704c-4b07-8d66-97a509fe9819 [53] O61 - LFC:Last File Created 15/07/2010 - 20:22:08 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\AU\au.cab [570413] O61 - LFC:Last File Created 15/07/2010 - 20:22:08 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\AU\au.msi [183808] O61 - LFC:Last File Created 15/07/2010 - 20:22:08 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\26\457dee9a-3a88a903 [2696] O61 - LFC:Last File Created 15/07/2010 - 20:22:08 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b0b4461 [78684] O61 - LFC:Last File Created 15/07/2010 - 20:22:10 ---A- C:\Documents And Settings\Marie Zim\Application 
Data\Sun\Java\Deployment\SystemCache\6.0\23\3db38257-392ad016 [2638711] O61 - LFC:Last File Created 15/07/2010 - 20:22:10 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\23\6fa462d7-753ee635 [292107] O61 - LFC:Last File Created 15/07/2010 - 20:22:10 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b0b4461-n\decora-d3d.dll [12800] O61 - LFC:Last File Created 15/07/2010 - 20:22:10 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b0b4461-n\decora-sse.dll [61440] O61 - LFC:Last File Created 15/07/2010 - 20:22:12 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2dd43e23 [1356287] O61 - LFC:Last File Created 15/07/2010 - 20:22:12 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2dd43e23-n\jmc.dll [499712] O61 - LFC:Last File Created 15/07/2010 - 20:22:12 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2dd43e23-n\msvcp71.dll [503808] O61 - LFC:Last File Created 15/07/2010 - 20:22:12 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2dd43e23-n\msvcr71.dll [348160] O61 - LFC:Last File Created 15/07/2010 - 20:22:14 ---A- C:\Documents And Settings\All Users\Application Data\Sun\Java\Java Update\jaureglist.xml [119] O61 - LFC:Last File Created 15/07/2010 - 20:22:14 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\JAUReg.log [293] O61 - LFC:Last File Created 15/07/2010 - 20:22:32 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\29\2d9f109d-74e68193 [4329254] O61 - LFC:Last File Created 15/07/2010 - 20:22:34 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\lastAccessed [1] O61 - LFC:Last 
File Created 15/07/2010 - 20:22:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\26\457dee9a-3a88a903.idx [884] O61 - LFC:Last File Created 15/07/2010 - 20:22:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\29\2d9f109d-74e68193.idx [390562] O61 - LFC:Last File Created 15/07/2010 - 20:22:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4a86507c.idx [883] O61 - LFC:Last File Created 15/07/2010 - 20:22:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2dd43e23.idx [10981] O61 - LFC:Last File Created 15/07/2010 - 20:22:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b0b4461.idx [10939] O61 - LFC:Last File Created 15/07/2010 - 20:22:36 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\security\trusted.certs [1501] O61 - LFC:Last File Created 15/07/2010 - 20:22:38 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\23\3db38257-392ad016.idx [129571] O61 - LFC:Last File Created 15/07/2010 - 20:22:38 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\SystemCache\6.0\23\6fa462d7-753ee635.idx [11314] O61 - LFC:Last File Created 15/07/2010 - 20:23:22 ---A- C:\Documents And Settings\Marie Zim\Application Data\Sun\Java\Deployment\deployment.properties [637] O61 - LFC:Last File Created 15/07/2010 - 20:25:04 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\EasyCleaner\EasyCleaner tray icon.lnk [662] O61 - LFC:Last File Created 15/07/2010 - 20:25:04 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\EasyCleaner\EasyCleaner.lnk [656] O61 - LFC:Last File Created 15/07/2010 - 20:25:04 ---A- C:\Documents And Settings\All Users\Menu 
Démarrer\Programmes\EasyCleaner\Help\EasyCleaner help (English).lnk [739] O61 - LFC:Last File Created 15/07/2010 - 20:25:04 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\EasyCleaner\Help\EasyCleaner help (Finnish).lnk [739] O61 - LFC:Last File Created 15/07/2010 - 20:25:04 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\EasyCleaner\The Web\EasyCleaner home.lnk [222] O61 - LFC:Last File Created 15/07/2010 - 20:25:04 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\EasyCleaner\The Web\ToniArts.lnk [198] O61 - LFC:Last File Created 15/07/2010 - 21:21:04 -SHA- C:\Documents And Settings\Marie Zim\Recent\Desktop.ini [150] O61 - LFC:Last File Created 15/07/2010 - 21:21:52 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@malekal[2].txt [350] O61 - LFC:Last File Created 15/07/2010 - 21:23:00 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [87] O61 - LFC:Last File Created 15/07/2010 - 21:23:44 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [108] O61 - LFC:Last File Created 15/07/2010 - 21:23:46 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@doubleclick[1].txt [117] O61 - LFC:Last File Created 15/07/2010 - 21:23:48 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@quantserve[1].txt [95] O61 - LFC:Last File Created 15/07/2010 - 21:23:52 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@betanews[2].txt [232] O61 - LFC:Last File Created 15/07/2010 - 21:24:06 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@crowdscience[1].txt [88] O61 - LFC:Last File Created 15/07/2010 - 21:24:06 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [698] O61 - LFC:Last File Created 15/07/2010 - 21:24:32 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@xiti[1].txt [101] O61 - LFC:Last File Created 15/07/2010 - 21:30:02 ---A- C:\Documents And Settings\Marie 
Zim\Bureau\spybotsd162.exe [16409960] O61 - LFC:Last File Created 15/07/2010 - 21:30:36 -SH-- C:\Documents And Settings\Marie Zim\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 15/07/2010 - 21:31:12 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [119] O61 - LFC:Last File Created 15/07/2010 - 21:31:12 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [680] O61 - LFC:Last File Created 15/07/2010 - 21:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [67] O61 - LFC:Last File Created 15/07/2010 - 21:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@msn[2].txt [388] O61 - LFC:Last File Created 15/07/2010 - 21:31:36 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@imageshack[1].txt [102] O61 - LFC:Last File Created 15/07/2010 - 21:32:24 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@live[1].txt [94] O61 - LFC:Last File Created 15/07/2010 - 21:34:26 --HA- C:\Documents And Settings\All Users\NTUSER.DAT.LOG [8192] O61 - LFC:Last File Created 15/07/2010 - 21:34:26 --HA- C:\Documents And Settings\Default User\ntuser.dat.LOG [8192] O61 - LFC:Last File Created 15/07/2010 - 21:34:32 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@wydadnews[1].txt [340] O61 - LFC:Last File Created 15/07/2010 - 21:34:34 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [369] O61 - LFC:Last File Created 15/07/2010 - 21:34:34 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@blogbang[2].txt [170] O61 - LFC:Last File Created 15/07/2010 - 21:34:34 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@tradedoubler[2].txt [214] O61 - LFC:Last File Created 15/07/2010 - 21:34:36 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@alenty[1].txt [94] O61 - LFC:Last File Created 16/07/2010 - 00:15:58 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email 
protected][2].txt [355] O61 - LFC:Last File Created 16/07/2010 - 00:15:58 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@hardware[1].txt [137] O61 - LFC:Last File Created 16/07/2010 - 00:16:10 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@forum[2].txt [96] O61 - LFC:Last File Created 16/07/2010 - 00:17:08 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@canal-plus[1].txt [335] O61 - LFC:Last File Created 16/07/2010 - 00:17:14 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@apmebf[1].txt [90] O61 - LFC:Last File Created 16/07/2010 - 00:17:14 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@mediaplex[1].txt [80] O61 - LFC:Last File Created 16/07/2010 - 00:17:20 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@infos-du-net[2].txt [605] O61 - LFC:Last File Created 16/07/2010 - 00:19:20 ---A- C:\Documents And Settings\Marie Zim\Bureau\Nouveau Document texte.txt [0] O61 - LFC:Last File Created 16/07/2010 - 00:19:22 ---A- C:\Documents And Settings\Marie Zim\Recent\Nouveau Document texte.lnk [468] O61 - LFC:Last File Created 16/07/2010 - 00:20:18 ---A- C:\Documents And Settings\Marie Zim\Bureau\iiexplorer.bat [28] O61 - LFC:Last File Created 16/07/2010 - 00:21:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@zedo[2].txt [436] O61 - LFC:Last File Created 16/07/2010 - 00:22:28 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\003A78A0_Rar\ccsetup233.exe [3457616] O61 - LFC:Last File Created 16/07/2010 - 00:22:42 ---A- C:\Documents And Settings\Marie Zim\Bureau\CCleaner.lnk [590] O61 - LFC:Last File Created 16/07/2010 - 00:23:48 ---A- C:\Documents And Settings\Marie Zim\Bureau\Microsoft Word.lnk [2551] O61 - LFC:Last File Created 16/07/2010 - 00:31:20 ---A- C:\Documents And Settings\Marie Zim\Application Data\Microsoft\Office\Word.pip [1480] O61 - LFC:Last File Created 16/07/2010 - 00:31:22 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\~DF90C5.tmp [65536] O61 - 
LFC:Last File Created 16/07/2010 - 00:31:26 -SH-- C:\Documents And Settings\Marie Zim\ntuser.ini [184] O61 - LFC:Last File Created 16/07/2010 - 00:32:22 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 16/07/2010 - 00:32:24 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384] O61 - LFC:Last File Created 16/07/2010 - 00:32:24 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768] O61 - LFC:Last File Created 16/07/2010 - 00:32:24 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 16/07/2010 - 00:32:26 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\schema.ini [4334] O61 - LFC:Last File Created 16/07/2010 - 00:32:30 -SHA- C:\Documents And Settings\Marie Zim\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 16/07/2010 - 00:32:32 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Historique\History.IE5\MSHist012010071620100717\index.dat [49152] O61 - LFC:Last File Created 16/07/2010 - 00:33:14 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [5627] O61 - LFC:Last File Created 16/07/2010 - 00:33:14 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [5627] O61 - LFC:Last File Created 16/07/2010 - 00:33:58 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-07-16 (01-33-57).txt [1043] O61 - LFC:Last File Created 16/07/2010 - 00:37:34 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\jusched.log [4214] O61 - LFC:Last File Created 16/07/2010 - 00:38:36 ---A- C:\Documents And Settings\Marie Zim\UserData\index.dat [32768] O61 - LFC:Last File Created 16/07/2010 - 00:38:44 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [1078] O61 - 
LFC:Last File Created 16/07/2010 - 00:38:44 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@nspmotion[2].txt [106] O61 - LFC:Last File Created 16/07/2010 - 00:38:54 ---A- C:\Documents And Settings\Marie Zim\UserData\UNIBET05\pmocntr[1].xml [40] O61 - LFC:Last File Created 16/07/2010 - 00:39:06 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@verify[1].txt [130] O61 - LFC:Last File Created 16/07/2010 - 00:39:18 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@amgdgt[1].txt [501] O61 - LFC:Last File Created 16/07/2010 - 00:39:18 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@atdmt[1].txt [180] O61 - LFC:Last File Created 16/07/2010 - 00:39:18 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@scorecardresearch[2].txt [107] O61 - LFC:Last File Created 16/07/2010 - 00:39:20 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@intellitxt[2].txt [119] O61 - LFC:Last File Created 16/07/2010 - 00:39:20 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@pcastuces[1].txt [96] O61 - LFC:Last File Created 16/07/2010 - 00:41:52 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@google[2].txt [343] O61 - LFC:Last File Created 16/07/2010 - 00:49:20 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [469] O61 - LFC:Last File Created 16/07/2010 - 00:56:38 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [361] O61 - LFC:Last File Created 16/07/2010 - 00:59:36 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@bubblestat[2].txt [865] O61 - LFC:Last File Created 16/07/2010 - 01:03:04 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [397] O61 - LFC:Last File Created 16/07/2010 - 01:03:12 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [145] O61 - LFC:Last File Created 16/07/2010 - 01:03:12 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@nxtck[2].txt [100] O61 - 
LFC:Last File Created 16/07/2010 - 01:06:14 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [694] O61 - LFC:Last File Created 16/07/2010 - 01:06:18 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@01net[2].txt [611] O61 - LFC:Last File Created 16/07/2010 - 01:08:30 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-07-16 (02-08-29).txt [1149] O61 - LFC:Last File Created 16/07/2010 - 01:08:30 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.74889 [82] O61 - LFC:Last File Created 16/07/2010 - 01:08:30 ---A- C:\Documents And Settings\Marie Zim\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.74889 [8704] O61 - LFC:Last File Created 16/07/2010 - 01:08:36 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\2192093 [38] O61 - LFC:Last File Created 16/07/2010 - 01:09:32 ---A- C:\Documents And Settings\Marie Zim\Recent\T30DebugLogFile.lnk [549] O61 - LFC:Last File Created 16/07/2010 - 01:09:38 ---A- C:\Documents And Settings\Marie Zim\Recent\CLML_AGENT_LOG1.lnk [549] O61 - LFC:Last File Created 16/07/2010 - 01:09:38 ---A- C:\Documents And Settings\Marie Zim\Recent\Temp.lnk [367] O61 - LFC:Last File Created 16/07/2010 - 01:10:44 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384] O61 - LFC:Last File Created 16/07/2010 - 01:10:44 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384] O61 - LFC:Last File Created 16/07/2010 - 01:13:12 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@a2dfp[1].txt [370] O61 - LFC:Last File Created 16/07/2010 - 01:13:34 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [147] O61 - LFC:Last File Created 16/07/2010 - 01:13:34 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie 
zim@serving-sys[1].txt [923] O61 - LFC:Last File Created 16/07/2010 - 01:15:54 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@recaptcha[1].txt [118] O61 - LFC:Last File Created 16/07/2010 - 01:20:54 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@menara[2].txt [425] O61 - LFC:Last File Created 16/07/2010 - 01:27:54 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [482] O61 - LFC:Last File Created 16/07/2010 - 01:27:56 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [373] O61 - LFC:Last File Created 16/07/2010 - 01:27:56 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@commentcamarche[2].txt [559] O61 - LFC:Last File Created 16/07/2010 - 01:27:56 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@smartadserver[1].txt [430] O61 - LFC:Last File Created 16/07/2010 - 01:27:56 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [111] O61 - LFC:Last File Created 16/07/2010 - 01:30:42 ---A- C:\Documents And Settings\Marie Zim\Favoris\PC infecté surabaya et autres - Forums Zebulon.fr.url [267] O61 - LFC:Last File Created 16/07/2010 - 13:29:02 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@adviva[1].txt [92] O61 - LFC:Last File Created 16/07/2010 - 13:31:20 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [435] O61 - LFC:Last File Created 16/07/2010 - 13:31:20 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [215] O61 - LFC:Last File Created 16/07/2010 - 13:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [168] O61 - LFC:Last File Created 16/07/2010 - 13:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [101] O61 - LFC:Last File Created 16/07/2010 - 13:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][1].txt [93] O61 - LFC:Last File Created 16/07/2010 - 
13:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@specificclick[1].txt [1160] O61 - LFC:Last File Created 16/07/2010 - 13:31:22 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@zebulon[2].txt [495] O61 - LFC:Last File Created 16/07/2010 - 13:31:38 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@kztechs[1].txt [336] O61 - LFC:Last File Created 16/07/2010 - 13:31:56 ---A- C:\Documents And Settings\Marie Zim\Recent\sreng2.lnk [300] O61 - LFC:Last File Created 16/07/2010 - 13:32:20 ---A- C:\Documents And Settings\Marie Zim\Bureau\sreng2.zip [684619] O61 - LFC:Last File Created 16/07/2010 - 13:33:00 ---A- C:\Documents And Settings\Marie Zim\Cookies\index.dat [49152] O61 - LFC:Last File Created 16/07/2010 - 13:33:00 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Historique\History.IE5\index.dat [65536] O61 - LFC:Last File Created 16/07/2010 - 13:33:00 ---A- C:\Documents And Settings\Marie Zim\Local Settings\Temp\Rar$EX00.890\SRE3e21a78f.EXE [1709600] O61 - LFC:Last File Created 16/07/2010 - 13:37:30 ---A- C:\Documents And Settings\Marie Zim\Bureau\SREngLOG.log [33888] O61 - LFC:Last File Created 16/07/2010 - 13:37:30 ---A- C:\Documents And Settings\Marie Zim\Recent\SREngLOG.lnk [398] O61 - LFC:Last File Created 16/07/2010 - 13:38:28 ---A- C:\Documents And Settings\All Users\Bureau\ZHPDiag.lnk [574] O61 - LFC:Last File Created 16/07/2010 - 13:38:28 ---A- C:\Documents And Settings\All Users\Bureau\ZHPFix.lnk [569] O61 - LFC:Last File Created 16/07/2010 - 23:22:56 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [381] O61 - LFC:Last File Created 16/07/2010 - 23:22:56 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie [email protected][2].txt [373] O61 - LFC:Last File Created 16/07/2010 - 23:23:30 ---A- C:\Documents And Settings\Marie Zim\Cookies\marie zim@weborama[1].txt [252] O61 - LFC:Last File Created 16/07/2010 - 23:25:00 ---A- C:\Documents And Settings\Marie Zim\Recent\CCleaner 
Thank you for your help.
  12. Report attached.
Taiwan Branch, 1, 0, 1, 2] [C:\Acer\Empowering Technology\NetMonitor.dll] [N/A, ] [C:\Acer\Empowering Technology\s_lm85m.dll] [OSA Technologies, An Avocent Company, 1, 2, 2, 5] [C:\Acer\Empowering Technology\s_smsc47m1.dll] [OSA Technologies, An Avocent Company, 1, 2, 4, 9] [C:\Acer\Empowering Technology\s_it87.dll] [OSA Technologies, An Avocent Company, 1, 2, 2, 3] [PID: 1864 / SYSTEM][C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe] [, 4.05.2019] [C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapEngine.dll] [, 4.05.2019] [C:\Program Files\Acer\Acer Arcade\Kernel\TV\PCMRRec4.dll] [CyberLink Corp., 4.01.2030] [C:\WINDOWS\system32\msdmo.dll] [, ] [C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvcps.dll] [N/A, ] [PID: 1904 / SYSTEM][C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe] [Cyberlink, 2, 1, 0, 1815] [PID: 1932 / SYSTEM][C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe] [Cyberlink, 2, 1, 0, 1815] [PID: 1972 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Oracle, 6.0.210.6] [C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\netfxperf.dll] [Microsoft Corporation, 1.1.4322.573] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.253 (QFE.050727-2500)] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll] [Microsoft Corporation, 1.1.4322.2032] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CorperfmonExt.dll] [Microsoft Corporation, 1.1.4322.2463] [C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2463] [PID: 148 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [intel Corporation, 10, 1, 0, 1] [PID: 184 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe] [, 1.0.1321 ] [PID: 228 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 320 / SYSTEM][C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe] 
[, 4.05.2019] [C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvcps.dll] [N/A, ] [C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSchMgr.dll] [, 4.05.2019] [PID: 2124 / Marie Zim][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [PID: 2332 / Marie Zim][C:\acer\Empowering Technology\ePower\epm-dm.exe] [Acer Inc, 2.81] [PID: 2404 / Marie Zim][C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe] [sun Microsystems, Inc., 2.0.2.4] [PID: 2988 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 3088 / SYSTEM][C:\WINDOWS\system32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [PID: 2164 / Marie Zim][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Java\jre6\bin\jp2ssv.dll] [Oracle, 6.0.210.6] [C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll] [Oracle, 6.0.210.6] [C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [PID: 3776 / SYSTEM][C:\WINDOWS\TEMP\winqptt.exe] [N/A, ] [PID: 2832 / Marie Zim][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ] [PID: 2212 / Marie Zim][C:\DOCUME~1\MARIEZ~1\LOCALS~1\Temp\Rar$EX00.890\SREngLdr.EXE] [smallfrogs Studio, 2.8.2.1321] [PID: 412 / Marie Zim][C:\DOCUME~1\MARIEZ~1\LOCALS~1\Temp\Rar$EX00.890\SRE3e21a78f.EXE] [smallfrogs Studio, 2.8.2.1321] [C:\DOCUME~1\MARIEZ~1\LOCALS~1\Temp\Rar$EX00.890\Upload\3rdUpd.DLL] [smallfrogs Studio, 2, 1, 0, 15] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. 
["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File 127.0.0.1 localhost ================================== Process Privileges Scan Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1372, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE] Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1836, C:\ACER\EMPOWERING TECHNOLOGY\ADMSERV.EXE] Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1864, C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE] Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2332, C:\ACER\EMPOWERING TECHNOLOGY\EPOWER\EPM-DM.EXE] Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2404, C:\PROGRAM FILES\FICHIERS COMMUNS\JAVA\JAVA UPDATE\JUSCHED.EXE] Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2832, C:\PROGRAM FILES\WINRAR\WINRAR.EXE] ================================== Scheduled Tasks N/A ================================== Windows Security Update Check KB892130, Windows Genuine Advantage Validation Tool (KB892130) KB940767, Windows Internet Explorer 7 pour Windows XP KB940157, Windows Search 4.0 pour Windows XP (KB940157) KB909520, Package de fournisseur de services cryptographiques pour cartes à puce de base Microsoft : x86 (KB909520) KB951847, Microsoft .NET Framework 3.5 Service Pack 1 et mise à jour pour la gamme. 
NET Framework 3.5 x86 (KB951847) KB944036, Internet Explorer 8 pour Windows XP : KB971513, Mise à jour pour Windows XP (KB971513) KB931125, Mise à jour des certificats racine [Mai 2010] (KB931125) KB982670, Microsoft .NET Framework 4 Client Profile pour Windows XP x86 (KB982670) ================================== API HOOK N/A ================================== Hidden Process N/A ==================================
  13. Hello, A friend entrusted me with her PC; at startup it displayed the well-known "Surabaya in my birthday" message. It is impossible to install antivirus software (I have F-Secure), to run .exe files, or to open CCleaner, let alone boot into safe mode. With the help of a forum, Surabaya has disappeared (at least the notorious notification), but the machine is still infected. Thank you for your help.