
ben ali

Members
  • Content count

    59

Everything posted by ben ali

  1. Bad news: my PC has gone back to rebooting almost every time I start it in normal mode.... Sorry for this drawn-out disinfection procedure, but apparently there is still a problem....
  2. Hello Bernard, Are you talking about the file atapi.svs or the file atapi.sys (which I am unable to get analysed)? Thanks again in advance for your computing insight!
  3. Nothing to report lately. Still, it is odd that I am unable to get the atapi.sys file analysed. Could that be hiding something?
  4. Hello Bernard, Here is the VirusTotal analysis of the file atapi.svs: VirusTotal - Free Online Virus, Malware and URL Scanner
  5. Hello again Bernard, I get exactly the same thing with the link you just gave me (as if the "atapi" file I was submitting did not exist or was a fake). I get "please insert a file name and try again". P.S.: I have another file named "atapi.svs". Thanks again in advance for your insight.
  6. Hello Bernard, Actually I have a small problem with the last step ("Virustotal") that you describe. After selecting the "atapi.sys" file with the "parcourir" (browse) option, I press the "send file" tab and nothing concrete happens (no analysis is run). I just get a "sending file" screen that appears very briefly and then takes me back to the home page. I have tried several times, but it makes no difference. How do you explain my getting stuck on this last step of the cleanup? Thanks again in advance for your insight and your valuable help! Regards
  7. I have just run a scan with TDSSkiller and apparently it detected a threat ("threat"). Not knowing whether to quarantine it or delete it, I chose "skip" by default while awaiting your instructions. Otherwise, here is the log from this TDSSkiller scan:
2011/03/08 14:30:37.0343 2252 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/03/08 14:30:37.0421 2252 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/03/08 14:30:37.0515 2252 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/03/08 14:30:37.0718 2252 ================================================================================ 2011/03/08 14:30:37.0718 2252 Scan finished 2011/03/08 14:30:37.0718 2252 ================================================================================ 2011/03/08 14:30:37.0828 3328 Detected object count: 1 2011/03/08 14:30:41.0453 3328 Locked file(atapi) - User select action: Skip
  8. Hello Bernard, I just ran a Malwarebytes quick scan and at first glance there are no problems! I am posting the report anyway, which is as follows:

     Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Version de la base de données: 5988

     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702

     08/03/2011 14:20:16
     mbam-log-2011-03-08 (14-20-16).txt

     Type d'examen: Examen rapide
     Elément(s) analysé(s): 165825
     Temps écoulé: 9 minute(s), 52 seconde(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)

     I am now moving on to the TDSSKiller step! Thanks again in advance for your help and the time you take to reply to me!
  9. Good evening Bernard, I have tried several times to run a full Malwarebytes scan to completion, but in vain, because my PC (in "normal" mode) always ends up rebooting after about 30-40 minutes! So I am posting this message from safe mode with networking! Thanks again in advance for your valuable insights. P.S.: I went back on the internet (in "normal" mode) after carrying out all the latest steps you gave me. Could that have reactivated the rootkit/trojan/virus?
  10. I took the liberty of moving on to the analysis step for the file "ethtlmnb.sys". Here is the link to the VirusTotal analysis results: VirusTotal - Free Online Virus, Malware and URL Scanner
  11. Hello again Bernard, I just ran the ZHPFix cleanup. Here is its report after cleaning:

     Rapport de ZHPFix 1.12.3257 par Nicolas Coolman, Update du 05/03/2011
     Fichier d'export Registre :
     Run by HP_Propriétaire at 07/03/2011 13:56:26
     Windows XP Home Edition Service Pack 3 (Build 2600)
     Web site : ZHPFix Fix de rapport
     Contact : nicolascoolman@yahoo.fr

     ========== Clé(s) du Registre ==========
     O42 - Logiciel: J2SE Runtime Environment 5.0 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150000} => Clé supprimée avec succès
     O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150060} => Clé supprimée avec succès
     O42 - Logiciel: Java™ 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} => Clé supprimée avec succès
     O41 - Driver: (intelppm) . (. - .) - C:\Windows\System32\DRIVERS\intelppm.sys (.not file.) => Clé supprimée avec succès
     HKCU\Software\18RH6WMFH2 => Clé supprimée avec succès

     ========== Valeur(s) du Registre ==========
     O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline => Valeur supprimée avec succès
     O4 - HKCU\..\Run: [shujesoxikayisuk] C:\WINDOWS\wintphl.dll (.not file.) => Valeur supprimée avec succès
     O4 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\..\Run: [shujesoxikayisuk] C:\WINDOWS\wintphl.dll (.not file.) => Valeur absente
     O47 - AAKE:Key Export SP - "C:\Program Files\Kazaa\kazaa.exe" [Enabled] .(.) -- C:\Program Files\Kazaa\kazaa.exe (.not file.) => Valeur supprimée avec succès
     O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur supprimée avec succès
     O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe => Valeur absente
     FirewallRaz (SP) : C:\Program Files\AOL 9.0\waol.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : E:\Setup.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hposid01.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\Program Files\Skype\Phone\Skype.exe => Valeur supprimée avec succès
     FirewallRaz (SP) : C:\WINDOWS\Temp\igbi\setup.exe => Valeur supprimée avec succès
     FirewallRaz : Aucune valeur présente dans la clé d'exception du registre .

     ========== Dossier(s) ==========
     Dossiers temporaires Windows supprimés: 1

     ========== Fichier(s) ==========
     Fichiers temporaires Windows supprimés : 9

     ========== Master Boot Record ==========
     Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover
     Windows 5.1.2600 Disk: ST3200822AS rev.3.02 -> \Device\Ide\IdeDeviceP0T0L0-3
     device: opened successfully
     user: MBR read successfully
     Disk trace:
     called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84AF4008]<<
     1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x84CB5030]
     3 CLASSPNP[0xF763CFD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000065[0x84D902C8]
     5 ACPI[0xF748A620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x84D33D98]
     \Driver\atapi[0x84D90620] -> IRP_MJ_CREATE -> 0x84AF4008
     kernel: MBR read successfully
     detected hooks:
     \Driver\atapi -> 0x84af4008
     user & kernel MBR OK
     Warning: possible MBR rootkit infection !

     Resultat après le fix :
     Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover
     Windows 5.1.2600 Disk: ST3200822AS rev.3.02 -> \Device\Ide\IdeDeviceP0T0L0-3
     device: opened successfully
     user: MBR read successfully
     Disk trace:
     called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84AF4008]<<
     1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x84CB5030]
     3 CLASSPNP[0xF763CFD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000065[0x84D902C8]
     5 ACPI[0xF748A620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x84D33D98]
     \Driver\atapi[0x84D90620] -> IRP_MJ_CREATE -> 0x84AF4008
     kernel: MBR read successfully
     detected hooks:
     \Driver\atapi -> 0x84af4008
     user & kernel MBR OK
     Warning: possible MBR rootkit infection !

     ========== Récapitulatif ==========
     5 : Clé(s) du Registre
     25 : Valeur(s) du Registre
     1 : Dossier(s)
     1 : Fichier(s)
     1 : Master Boot Record

     End of the scan

     May I move on to the next step of the process you indicated in your last post? Thanks again in advance for your help!
  12. Hello Bernard, As agreed, here is the ZHPDiag report:
HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} . (.Skyline software systems Inc. - TerraExplorerX DLL.) -- C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\Windows\System32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notification.) -- C:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) 
-- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (a2AntiMalware) . (.Emsi Software GmbH - a-squared Service.) - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: (aswUpdSv) . (.ALWIL Software - avast! Antivirus updating service.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: (avast! Antivirus) . (.ALWIL Software - avast! antivirus service.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: (avast! Mail Scanner) . (.ALWIL Software - avast! e-Mail Scanner Service.) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: (avast! Web Scanner) . (.ALWIL Software - avast! Web Scanner.) 
- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: (iPodService) . (.Apple Computer, Inc. - iPodService Module.) - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (ethtlmnb) . (.Windows ® Codename Longhorn DDK provider - VYNIAJF ODCJ NPCCVRVPAFH OA UX.) - C:\WINDOWS\system32\drivers\ethtlmnb.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (. - .) 
- C:\Windows\System32\DRIVERS\intelppm.sys (.not file.) O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ---\\ Logiciels installés (O42) O42 - Logiciel: - (.Pas de propriétaire.) 
[HKLM] -- {E9F81423-211E-46B6-9AE0-38568BC5CF6F} O42 - Logiciel: AGCEEP - (.Pas de propriétaire.) [HKLM] -- AGCEEP O42 - Logiciel: ATI Control Panel - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C} O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash O42 - Logiciel: Adobe Illustrator 10 Evaluation - (.Adobe Systems, Inc..) [HKLM] -- {662498D7-B5E8-4FED-87B8-764CD2C640A2} O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0 O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer O42 - Logiciel: AlacrityPC - (.Ken Salter.) [HKLM] -- {B6D0F294-B844-4FAF-9993-FAC10E9E0F94} O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} O42 - Logiciel: Avery Wizard 3.1 - (.Avery.) [HKLM] -- {B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027} O42 - Logiciel: Belkin 54Mbps Wireless Network Adapter - (.Belkin.) [HKLM] -- {F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE} O42 - Logiciel: Beneton Movie GIF 1.1.1 - (.Beneton Software.) [HKLM] -- Beneton Movie GIF_is1 O42 - Logiciel: Blender (remove only) - (.Pas de propriétaire.) [HKLM] -- Blender O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CDBurnerXP Pro 3 - (.Free Software.) [HKLM] -- {896D642C-7125-44F0-AC49-A23ABF82209C} O42 - Logiciel: Canon MP Navigator 3.1 - (.Pas de propriétaire.) [HKLM] -- MP Navigator 3.1 O42 - Logiciel: Canon Utilities Easy-PhotoPrint - (.Pas de propriétaire.) 
[HKLM] -- Easy-PhotoPrint O42 - Logiciel: Compléments d'aide et de support - (.Hewlett Packard.) [HKLM] -- Help and Support Additions O42 - Logiciel: Connexion Facile à Internet - (.Hewlett-Packard.) [HKLM] -- InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D} O42 - Logiciel: DELL TrueMobile 1180 Wireless USB - (.Pas de propriétaire.) [HKLM] -- {50D0A606-4E25-460E-A345-5A5695175B30} O42 - Logiciel: Deer Hunter - The 2005 Season - (.Atari, Inc..) [HKLM] -- Deer Hunter 2005_is1 O42 - Logiciel: Dell TM 1184 Wireless Router Control Utility - (.Pas de propriétaire.) [HKLM] -- {DCB91C79-B78B-44B1-A7FE-28DECA6E9245} O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2} O42 - Logiciel: DivX Content Uploader - (.DivX, Inc..) [HKLM] -- DivX Content Uploader O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9} O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9} O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29} O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD O42 - Logiciel: Europa Universalis 2 - (.Pas de propriétaire.) [HKLM] -- {CA5DD6E1-B508-4922-815D-479E3228B17A} O42 - Logiciel: FlightAlpes Autogenpack Sud - (.Pas de propriétaire.) [HKCU] -- FlightAlpes Autogenpack Sud O42 - Logiciel: FlightAlpes BasePack Nord - (.Pas de propriétaire.) [HKLM] -- FlightAlpes BasePack Nord O42 - Logiciel: FlightAlpes BasePack Sud - (.Pas de propriétaire.) [HKLM] -- FlightAlpes BasePack Sud O42 - Logiciel: FlightCorse AutogenPack - (.Pas de propriétaire.) [HKLM] -- FlightCorse AutogenPack O42 - Logiciel: FlightCorse BasePack - (.Pas de propriétaire.) [HKLM] -- FlightCorse BasePack O42 - Logiciel: FlightMediterranee AutogenPack - (.Pas de propriétaire.) [HKLM] -- FlightMediterranee AutogenPack O42 - Logiciel: FlightMediterranee BasePack - (.Pas de propriétaire.) 
[HKLM] -- FlightMediterranee BasePack O42 - Logiciel: FlightParis AutogenPack - (.Pas de propriétaire.) [HKLM] -- FlightParis AutogenPack O42 - Logiciel: FlightParis BasePack - (.Pas de propriétaire.) [HKLM] -- FlightParis BasePack O42 - Logiciel: FlightPyrenees Orientales AutogenPack - (.Pas de propriétaire.) [HKLM] -- FlightPyrenees Orientales AutogenPack O42 - Logiciel: FlightPyrénées Orientales BasePack - (.Pas de propriétaire.) [HKLM] -- FlightPyrénées Orientales BasePack O42 - Logiciel: FlightRiviera AutogenPack - (.Pas de propriétaire.) [HKLM] -- FlightRiviera AutogenPack O42 - Logiciel: FlightRiviera BasePack - (.Pas de propriétaire.) [HKLM] -- FlightRiviera BasePack O42 - Logiciel: GIMP 2.4.2 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1 O42 - Logiciel: GTK+ 2.8.18-1 runtime environment - (.Tor Lillqvist.) [HKLM] -- WinGTK-2_is1 O42 - Logiciel: Gmax F-86 Sabre - (.Kirk Olsson.) [HKLM] -- Saber Jet Installer_is1 O42 - Logiciel: Google Toolbar for Firefox - (.Google Inc..) [HKLM] -- {2CCBABCB-6427-4A55-B091-49864623C43F} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: Grand Theft Auto Vice City - (.Pas de propriétaire.) [HKLM] -- {4B35F00C-E63D-40DC-9839-DF15A33EAC46} O42 - Logiciel: HP Precisionscan Pro 3.1 - (.Hewlett-Packard.) [HKLM] -- {6B36DEBF-27D0-4B1E-858D-D397091C6C7D} O42 - Logiciel: HP Product Detection - (.Hewlett-Packard Company.) [HKLM] -- {CAE7D1D9-3794-4169-B4DD-964ADBC534EE} O42 - Logiciel: HP Share-to-Web - (.Pas de propriétaire.) [HKLM] -- {748F4870-8350-11D3-B0BF-080009FB4A19} O42 - Logiciel: HP Solution Center 7.0 - (.HP.) 
[HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: ICTS-WinTrader (remove only) - (.Pas de propriétaire.) [HKLM] -- ICTS-WinTrader O42 - Logiciel: Inkscape 0.45.1 - (.Pas de propriétaire.) [HKLM] -- Inkscape O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} O42 - Logiciel: InterVideo WinDVD Player - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144} O42 - Logiciel: J2SE Runtime Environment 5.0 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150000} O42 - Logiciel: J2SE Runtime Environment 5.0 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150060} O42 - Logiciel: Java 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Lecteur Windows Media 10 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Logiciel de saisie de commande 2006 - (.Pas de propriétaire.) [HKLM] -- Logiciel de saisie de commande 2006 O42 - Logiciel: Logiciel de saisie de commande 2007 - (.Pas de propriétaire.) [HKLM] -- Logiciel de saisie de commande 2007 O42 - Logiciel: Logiciel de saisie de commande Pichon 2008 - (.Pas de propriétaire.) 
[HKLM] -- Logiciel de saisie de commande Pichon 2008 O42 - Logiciel: Logiciel de saisie de commande Pichon 2009 - (.Pas de propriétaire.) [HKLM] -- Logiciel de saisie de commande Pichon 2009 O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Macromedia Shockwave Player - (.Macromedia, Inc..) [HKLM] -- Macromedia Shockwave Player O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Master of Orion II - (.Pas de propriétaire.) [HKLM] -- Orion2DeinstKey O42 - Logiciel: Max Payne - (.Pas de propriétaire.) [HKLM] -- {39930321-4C58-4B8B-BCBF-342698C9801D} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) 
[HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Flight Simulator 2004 Un siècle d'aviation - (.Microsoft.) [HKLM] -- Flight Simulator 9.0 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office XP Standard - (.Microsoft Corporation.) [HKLM] -- {9012040C-6000-11D3-8CFE-0050048383C9} O42 - Logiciel: Microsoft Publisher 97 - (.Pas de propriétaire.) [HKLM] -- MSPUB4 O42 - Logiciel: Mozilla Firefox (3.5.15) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.15) O42 - Logiciel: OCR Software by I.R.I.S 7.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PC-Doctor for Windows - (.PC-Doctor, Inc..) [HKLM] -- InstallShield_{19C989C4-50AE-43A4-B06E-8C70FFFF852F} O42 - Logiciel: PS2 - (.Pas de propriétaire.) [HKLM] -- PS2 O42 - Logiciel: PhotoFiltre Studio - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre Studio O42 - Logiciel: Pro Evolution Soccer 6 - (.KONAMI.) [HKLM] -- InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514} O42 - Logiciel: Project Canarias 2006 - (.CanarySim.) [HKLM] -- {DA46AA5F-4934-4DAC-94E4-7D84AD9A4090} O42 - Logiciel: Project Canarias 2006 by CanarySim - (.Pas de propriétaire.) 
[HKLM] -- Project Canarias 2006 O42 - Logiciel: Python 2.2 pywin32 extensions (build 203) - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.2 O42 - Logiciel: Python 2.2.3 - (.PythonLabs at Zope Corporation.) [HKLM] -- Python 2.2.3 O42 - Logiciel: QuickTime - (.Pas de propriétaire.) [HKLM] -- QuickTime O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: ScanSoft OmniPage SE 4 - (.Nuance Communications, Inc..) [HKLM] -- {DEE88727-779B-47A9-ACEF-F87CA5F92A65} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Sonic Express Labeler - (.Sonic Solutions.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} O42 - Logiciel: Sonic MyDVD Plus - (.Sonic Solutions.) [HKLM] -- {21657574-BD54-48A2-9450-EB03B2C7FC29} O42 - Logiciel: Sonic RecordNow Audio - (.Sonic Solutions.) [HKLM] -- {AB708C9B-97C8-4AC9-899B-DBF226AC9382} O42 - Logiciel: Sonic RecordNow Copy - (.Sonic Solutions.) [HKLM] -- {B12665F4-4E93-4AB4-B7FC-37053B524629} O42 - Logiciel: Sonic RecordNow Data - (.Sonic Solutions.) [HKLM] -- {075473F5-846A-448B-BCB3-104AA1760205} O42 - Logiciel: Sonic Update Manager - (.Sonic Solutions.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Spybot - Search & Destroy 1.5.2.20 - (.Safer Networking Ltd..) [HKLM] -- Spybot - Search & Destroy_is1 O42 - Logiciel: TerraExplorer - (.Skyline Software Systems, Inc..) 
[HKLM] -- TerraExplorer O42 - Logiciel: Tradexpert 2.76 - (.Dubus S.A..) [HKLM] -- Tradexpert 2.76_is1 O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VideoLAN VLC media player 0.8.6i - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B} O42 - Logiciel: Windows Media Format Runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion O42 - Logiciel: a-squared Anti-Malware 2.0 - (.Emsi Software GmbH.) [HKLM] -- a-squared Anti-Malware_is1 O42 - Logiciel: avast! Antivirus - (.Alwil Software.) [HKLM] -- avast! O42 - Logiciel: iTunes - (.Apple Computer, Inc..) [HKLM] -- InstallShield_{BE20E2F5-1903-4AAE-B1AF-2046E586C925} O42 - Logiciel: muvee autoProducer 4.0 - (.muvee Technologies.) [HKLM] -- {FC10C922-52E9-4739-ACD0-EB0FF035EE7E} O42 - Logiciel: µTorrent - (.Pas de propriétaire.) 
[HKCU] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\18RH6WMFH2] [HKCU\Software\ALWIL Software] [HKCU\Software\Adobe] [HKCU\Software\Alcohol Soft] [HKCU\Software\Andreas Haak] [HKCU\Software\AppConf] [HKCU\Software\Aurigma] [HKCU\Software\Avery] [HKCU\Software\BST] [HKCU\Software\Belkin] [HKCU\Software\BitTorrent] [HKCU\Software\CDBurnerXP Pro 3] [HKCU\Software\CDDB] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\DivXNetworks] [HKCU\Software\Earth Resource Mapping] [HKCU\Software\Emsi Software GmbH] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\InterObject] [HKCU\Software\InterVideo] [HKCU\Software\JavaSoft] [HKCU\Software\KillBox] [HKCU\Software\LLH] [HKCU\Software\LMSoft] [HKCU\Software\LWMViewer] [HKCU\Software\Lake] [HKCU\Software\Leadertech] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Modern UI Test] [HKCU\Software\Mozilla] [HKCU\Software\Netopsystems] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PepiMK Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RealNetworks] [HKCU\Software\Remedy Entertainment] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SampleView] [HKCU\Software\ScanSoft] [HKCU\Software\SecuROM] [HKCU\Software\Skyline] [HKCU\Software\Skype] [HKCU\Software\SlySoft] [HKCU\Software\Snood LLC] [HKCU\Software\Softthinks] [HKCU\Software\Sonic] [HKCU\Software\Sony Corporation] [HKCU\Software\Symantec] [HKCU\Software\Sysinternals] [HKCU\Software\T10QP3808] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VCRPK] [HKCU\Software\Wget] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\keyhole.com] [HKLM\Software\58f] [HKLM\Software\781] 
-- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (.not file.) 
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Kazaa\kazaa.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kazaa\kazaa.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe" [Disabled] .(.KONAMI - pes6.exe.) -- C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\igbi\setup.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Temp\igbi\setup.exe (.not file.) O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%ProgramFiles%\iTunes\iTunes.exe" [Enabled] .(.Apple Computer, Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) 
-- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . 
(.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.4.0 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) 
-- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ---\\ Recherche de Drivers Rootkit (O57) O57 - SDR:Search Drivers Rootkit - ( - .) -- ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.1F61CACACB521215F39061789147968C] - 30/04/2004 - 09:37:02 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\a347bus.sys [160640] O58 - SDL:[MD5.113E4B318BBAA7483CA4E582A4D63F49] - 30/04/2004 - 09:33:00 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\a347scsi.sys [5248] O58 - SDL:[MD5.2CCFA74242741CA22A4267CCE9B586F4] - 24/11/2009 - 23:47:54 ---A- . (.ALWIL Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [27408] O58 - SDL:[MD5.2F7F3E8DA380325866E566F5D5EC23D5] - 21/05/2010 - 15:17:16 ---A- . 
(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [20747] O58 - SDL:[MD5.781C5EC517C53F5214B61253B20C13C4] - 20/04/2005 - 19:00:56 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2317696] O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 09/03/2005 - 22:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008] O58 - SDL:[MD5.B4079A98F294A3E262872CB76F4849F0] - 24/11/2009 - 23:50:00 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [20560] O58 - SDL:[MD5.F5296ECFCBFE5935253AE6C29E6D086E] - 24/11/2009 - 23:51:09 ---A- . (.ALWIL Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [93424] O58 - SDL:[MD5.DBEE7B5ECB50FC2CF9323F52CBF41141] - 24/11/2009 - 23:50:59 ---A- . (.ALWIL Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [94160] O58 - SDL:[MD5.8080D683489C99CBACE813F6FA4069CC] - 24/11/2009 - 23:48:57 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [23120] O58 - SDL:[MD5.2E5A2AD5004B55DF39B7606130A88142] - 24/11/2009 - 23:50:12 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [114768] O58 - SDL:[MD5.D4C83A37EFADFA2C398362E0776E3773] - 24/11/2009 - 23:49:07 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [48560] O58 - SDL:[MD5.B0ED1300F915817C00DCFD7F84EE1300] - 13/04/2008 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] O58 - SDL:[MD5.E9EBF7DCA6C5EB9C597035A10A5A6A1B] - 06/04/2005 - 05:58:48 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) 
-- C:\WINDOWS\system32\drivers\ati2mtag.sys [1035776] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 19:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.9085EBEED5503C392B03F4CC129D779B] - 09/08/2002 - 14:46:10 ---A- . (.DELL Corporation - DELL Wireless NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\DELUSB_51.sys [606208] O58 - SDL:[MD5.89906ED9C50D5E225A03F74C994747BD] - 01/03/2011 - 09:46:37 ---A- . (.Windows ® Codename Longhorn DDK provider - VYNIAJF ODCJ NPCCVRVPAFH OA UX.) -- C:\WINDOWS\system32\drivers\ethtlmnb.sys [136192] O58 - SDL:[MD5.2FB04DB459C71F416EE8B05448CA4AC3] - 14/09/2004 - 21:38:26 ---A- . (.GEAR Software Inc. - CDRom Class Filter Driver.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [13872] O58 - SDL:[MD5.30CA91E657CEDE2F95359D6EF186F650] - 13/04/2006 - 02:04:39 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49664] O58 - SDL:[MD5.EFD31AFA752AA7C7BBB57BCBE2B01C78] - 13/04/2006 - 02:04:39 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496] O58 - SDL:[MD5.7AC43C38CA8FD7ED0B0A4466F753E06E] - 13/04/2006 - 02:04:39 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568] O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 04/08/2004 - 07:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) 
-- C:\WINDOWS\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.505CBA425DF3BB230F244E1C23221058] - 19/01/2005 - 17:21:56 ---A- . (.Windows ® 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys [12416] O58 - SDL:[MD5.231F133B4A5A04307ABD95CAC80FD063] - 23/03/2000 - 05:42:24 ---A- . (.PC-Doctor Inc. - PC-Doctor NT Support Driver.) -- C:\WINDOWS\system32\drivers\PcdrNt.sys [44192] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 12/12/2005 - 17:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.2EF9C0DC26B30B2318B1FC3FAA1F0AE7] - 04/10/2002 - 18:04:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139/810x Family NDIS 5.1 Drv.) -- C:\WINDOWS\system32\drivers\R8139n51.sys [46976] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.4F153709D0691C6DE8C9A4C5E813907C] - 02/10/2007 - 03:06:40 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) 
-- C:\WINDOWS\system32\drivers\rt73.sys [451968] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 04/08/2004 - 05:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A1ECEEAA5C5E74B2499EB51D38185B84] - 17/08/2001 - 21:56:16 ---A- . (.Sony Corporation - Sony USB Lower Filter driver.) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS [7552] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 19:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.FE5F310E37E228022C48EFA7BFC31C28] - 01/01/2005 - 22:47:13 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13859] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.6BDADA8549301714A96F0A11AB7E1044] - 26/10/1998 - 22:26:20 ---A- . (...) -- C:\WINDOWS\system32\Digita.sys [65864] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 19:00:00 ---A- . (...) 
-- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 24/08/2009 - 13:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688] O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 24/08/2009 - 13:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) 
-- C:\WINDOWS\system32\pcandis5.sys [32128] ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 05/03/2011 - 15:02:33 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@ieaddons[2].txt [260] O61 - LFC:Last File Created 05/03/2011 - 15:03:02 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\2659C1A560AB92C9C29D4B2B25815AE8 [545] O61 - LFC:Last File Created 05/03/2011 - 15:03:02 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\DEEA0BD81CC3B68E08E92D12B0916963 [20190] O61 - LFC:Last File Created 05/03/2011 - 15:03:02 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\2659C1A560AB92C9C29D4B2B25815AE8 [146] O61 - LFC:Last File Created 05/03/2011 - 15:03:02 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\DEEA0BD81CC3B68E08E92D12B0916963 [106] O61 - LFC:Last File Created 05/03/2011 - 15:03:03 ---A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\Internet Explorer\UserData\O449HYXZ\YL[1].xml [292] O61 - LFC:Last File Created 05/03/2011 - 15:03:04 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@yahoo[2].txt [87] O61 - LFC:Last File Created 05/03/2011 - 15:03:04 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D [2066] O61 - LFC:Last File Created 05/03/2011 - 15:03:04 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D [112] O61 - LFC:Last File Created 05/03/2011 - 15:03:14 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@aco.solution.weborama[2].txt [376] O61 - LFC:Last File Created 05/03/2011 - 15:03:31 -S-A- C:\Documents 
And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\5C45AD19E3530EC4218F560AFC04C3F7 [533] O61 - LFC:Last File Created 05/03/2011 - 15:03:31 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\5C45AD19E3530EC4218F560AFC04C3F7 [118] O61 - LFC:Last File Created 05/03/2011 - 15:03:32 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 [898] O61 - LFC:Last File Created 05/03/2011 - 15:03:32 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\B171751C11ECDD4C0C4BC4BBF7B99FBF [49694] O61 - LFC:Last File Created 05/03/2011 - 15:03:32 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 [94] O61 - LFC:Last File Created 05/03/2011 - 15:03:32 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\B171751C11ECDD4C0C4BC4BBF7B99FBF [128] O61 - LFC:Last File Created 05/03/2011 - 15:03:43 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.verselejus[2].txt [331] O61 - LFC:Last File Created 05/03/2011 - 15:03:44 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\FCEA474F228C13CD0DAD678431D0ACFC [494] O61 - LFC:Last File Created 05/03/2011 - 15:03:44 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\FCEA474F228C13CD0DAD678431D0ACFC [130] O61 - LFC:Last File Created 05/03/2011 - 15:03:45 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\119EFCC56A568F53AA7025356F876799 [186835] O61 - LFC:Last File Created 05/03/2011 - 15:03:45 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application 
Data\Microsoft\CryptnetUrlCache\MetaData\119EFCC56A568F53AA7025356F876799 [130] O61 - LFC:Last File Created 05/03/2011 - 15:05:10 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\4DB1DABDF57ED9997FE8DCC77E93C04F [11222] O61 - LFC:Last File Created 05/03/2011 - 15:05:10 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\4DB1DABDF57ED9997FE8DCC77E93C04F [98] O61 - LFC:Last File Created 05/03/2011 - 15:05:31 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\3D434AAE04CA1A2D4163E0DAD70AE256 [200757] O61 - LFC:Last File Created 05/03/2011 - 15:05:31 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\3D434AAE04CA1A2D4163E0DAD70AE256 [126] O61 - LFC:Last File Created 05/03/2011 - 15:05:41 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@login.live[1].txt [288] O61 - LFC:Last File Created 05/03/2011 - 15:05:42 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@mail.live[1].txt [196] O61 - LFC:Last File Created 05/03/2011 - 15:05:44 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\0JD6M2FA\sn128w.snt128.mail.live[1].xml [13] O61 - LFC:Last File Created 05/03/2011 - 15:05:45 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@h.live[1].txt [69] O61 - LFC:Last File Created 05/03/2011 - 15:05:54 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@live[1].txt [1014] O61 - LFC:Last File Created 05/03/2011 - 15:05:58 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\1H8YFLVC\secure.shared.live[1].xml [575] O61 - LFC:Last File Created 05/03/2011 - 15:05:59 ---A- C:\Documents And 
Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat [7742] O61 - LFC:Last File Created 05/03/2011 - 15:11:21 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\96D7A99548C36B10D2E8035A3E0DCA1A [243343] O61 - LFC:Last File Created 05/03/2011 - 15:11:21 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\96D7A99548C36B10D2E8035A3E0DCA1A [134] O61 - LFC:Last File Created 05/03/2011 - 15:11:27 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\1B9435E949F2B3D267BABDE0C8BC19A6 [519364] O61 - LFC:Last File Created 05/03/2011 - 15:11:27 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\1B9435E949F2B3D267BABDE0C8BC19A6 [134] O61 - LFC:Last File Created 05/03/2011 - 15:11:28 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7 [1310] O61 - LFC:Last File Created 05/03/2011 - 15:11:28 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7 [100] O61 - LFC:Last File Created 05/03/2011 - 15:11:36 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\00813F57C0CBB9A83349C874FD014078 [289097] O61 - LFC:Last File Created 05/03/2011 - 15:11:36 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 [289062] O61 - LFC:Last File Created 05/03/2011 - 15:11:36 -S-A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\CryptnetUrlCache\MetaData\00813F57C0CBB9A83349C874FD014078 [124] O61 - LFC:Last File Created 05/03/2011 - 15:11:36 -S-A- C:\Documents And 
-SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 07/03/2011 - 02:46:37 -SHA- C:\Documents And Settings\HP_Propriétaire\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [81920] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [311296] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 -SHA- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\Credentials\S-1-5-21-2705973081-667088016-391471673-1008\Credentials [524] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 -SHA- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-2705973081-667088016-391471673-1008\Credentials [4626] O61 - LFC:Last File Created 07/03/2011 - 02:46:57 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\index.dat [786432] O61 - LFC:Last File Created 07/03/2011 - 02:46:57 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat [3342336] O61 - LFC:Last File Created 07/03/2011 - 02:46:57 -SHA- C:\Documents And Settings\HP_Propriétaire\IETldCache\index.dat [262144] O61 - LFC:Last File Created 07/03/2011 - 02:47:01 -SHA- C:\Documents And Settings\LocalService\Local Settings\temp\Cookies\index.dat [16384] O61 - LFC:Last File Created 07/03/2011 - 02:47:01 -SHA- C:\Documents And Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat [32768] O61 - LFC:Last File Created 07/03/2011 - 02:47:01 -SHA- C:\Documents And Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat [16384] O61 - LFC:Last File Created 07/03/2011 - 02:48:22 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [5535] O61 - LFC:Last File Created 07/03/2011 - 02:48:22 ---A- 
C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [5535] O61 - LFC:Last File Created 07/03/2011 - 07:01:30 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384] O61 - LFC:Last File Created 07/03/2011 - 07:01:30 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768] O61 - LFC:Last File Created 07/03/2011 - 09:58:03 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\is-BRGSB.tmp\ZHPDiag2.tmp [715264] O61 - LFC:Last File Created 07/03/2011 - 09:58:03 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\is-H49TP.tmp\_isetup\_RegDLL.tmp [4096] O61 - LFC:Last File Created 07/03/2011 - 09:58:03 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\is-H49TP.tmp\_isetup\_shfoldr.dll [23312] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - (.not file.) - 58a5c980 (58a5c980) .(...) - LEGACY_58A5C980 O64 - Services: CurCS - C:\Program Files\a-squared Anti-Malware\a2service.exe - a-squared Anti-Malware Service (a2AntiMalware) .(.Emsi Software GmbH - a-squared Service.) - LEGACY_A2ANTIMALWARE O64 - Services: CurCS - C:\Windows\System32\Drivers\a347scsi.sys - a347scsi (a347scsi) .(.Pas de propriétaire - SCSI miniport.) - LEGACY_A347SCSI O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\AAVMKER4.sys - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(...) - LEGACY_AAVMKER4 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.4.3.0 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) 
- LEGACY_AFD O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\aswFsBlk.sys - aswFsBlk (aswFsBlk) .(.ALWIL Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWMON2.sys - (.not file.) - avast! Standard Shield Support (aswMon2) .(...) - LEGACY_ASWMON2 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe - avast! iAVS4 Control Service (aswUpdSv) .(.ALWIL Software - avast! Antivirus updating service.) - LEGACY_ASWUPDSV O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\ashServ.exe - avast! Antivirus (avast! Antivirus) .(.ALWIL Software - avast! antivirus service.) - LEGACY_AVAST!_ANTIVIRUS O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe - avast! Mail Scanner (avast! Mail Scanner) .(.ALWIL Software - avast! e-Mail Scanner Service.) 
- LEGACY_AVAST!_MAIL_SCANNER O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe - avast! Web Scanner (avast! Web Scanner) .(.ALWIL Software - avast! Web Scanner.) - LEGACY_AVAST!_WEB_SCANNER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32 O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) 
- LEGACY_DMBOOT O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) 
- LEGACY_GPC O64 - Services: CurCS - C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.sys - GTNDIS5 NDIS Protocol Driver (GTNDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_GTNDIS5 O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - Windows CardSpace (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) 
- LEGACY_IPNAT O64 - Services: CurCS - C:\Program Files\iPod\bin\iPodService.exe - iPod Service (iPodService) .(.Apple Computer, Inc. - iPodService Module.) - LEGACY_IPODSERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\WINDOWS\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) 
- LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_NLA O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM O64 - Services: CurCS - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5 O64 - Services: CurCS - (.not file.) - Pml Driver HPZ12 (Pml Driver HPZ12) .(...) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113 O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) 
- LEGACY_RDPCDD O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Répondeur de découverte de topologie de la couche de liaison (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\WINDOWS\system32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(...) - LEGACY_SERIAL O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_SHELLHWDETECTION O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(...) - LEGACY_SYMIDSCO O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_THEMES O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS O64 - Services: CurCS - C:\WINDOWS\system32\wdfmgr.exe - Windows User Mode Driver Framework (UMWdf) .(.Microsoft Corporation - Windows User Mode Driver Manager.) - LEGACY_UMWDF O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_WSCSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC ---\\ Liste des fichiers non signés (O65) O65 - LUF:09/01/2004 (.Pas de propriétaire - ActiveSkin Module.) (4, 2, 7, 3) - c:\windows\system32\actskin4.ocx O65 - LUF:31/01/2000 (.Pas de propriétaire - .) (1.0.0.0) - c:\windows\system32\bcbsmp50.bpl O65 - LUF:20/03/2002 (.Pas de propriétaire - HpReg Module.) (1, 0, 0, 2) - c:\windows\system32\hpreg.dll O65 - LUF:14/04/2000 (.Pas de propriétaire - LEADTOOLS FlashPix library.) (V1.1.FC1) - c:\windows\system32\Lffpx7.dll O65 - LUF:24/01/2001 (.Pas de propriétaire - prntfix Application.) (1.50) - c:\windows\system32\prntfix.exe O65 - LUF:15/08/2006 (.Pas de propriétaire - UpdateDriver Application.) (1, 0, 0, 3) - c:\windows\system32\UpdateDriver.exe O65 - LUF:30/04/2004 (. - .) (3.47.0.0 built by: WinDDK) - c:\windows\system32\drivers\a347bus.sys O65 - LUF:30/04/2004 (. - .) (3.47.0.0 built by: WinDDK) - c:\windows\system32\drivers\a347scsi.sys ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {42F3EC86-6C72-4CF4-8D9E-0D0584E7A57A} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google ---\\ Internet Feature Controls (O81) O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 20/07/2009 719392 | C:\Program Files\a-squared Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files\a-squared Anti-Malware\a2service.exe SR - | Auto 24/11/2009 18752 | (aswUpdSv) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe SR - | Auto 06/04/2005 364544 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SR - | Auto 24/11/2009 138680 | (avast! Antivirus) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe SR - | Demand 24/11/2009 254040 | (avast! Mail Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe SR - | Demand 24/11/2009 352920 | (avast! Web Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 06/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 24/03/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) 
- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe SS - | Demand 13/10/2004 327680 | (iPodService) . (.Apple Computer, Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 25/07/2009 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover Run by HP_Propriétaire at 07/03/2011 10:17:19 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84AF4008]<< 1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x84CB5030] 3 CLASSPNP[0xF763CFD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000065[0x84D902C8] 5 ACPI[0xF748A620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x84D33D98] \Driver\atapi[0x84D90620] -> IRP_MJ_CREATE -> 0x84AF4008 kernel: MBR read successfully detected hooks: \Driver\atapi -> 0x84af4008 user & kernel MBR OK Warning: possible MBR rootkit infection ! Use "ZHPFix" command "MBRFix" to clear infection ! ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by HP_Propriétaire at 07/03/2011 10:17:20 Use the desktop link 'MBRCheck' to have full report Dump file Name : C:\PhysicalDisk0_MBR.bin End of the scan (1655 lines in 17mn 17s)(0)
  13. Hello Bernard, As agreed, here is the ZHPDiag report:
Rapport de ZHPDiag v1.27.1628 par Nicolas Coolman, Update du 05/03/2011
Run by HP_Propriétaire at 07/03/2011 10:00:03
Web site : ZHPDiag Outil de diagnostic
Contact : nicolascoolman@yahoo.fr
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox v3.5.15 (fr)
GCIE: Google Chrome
---\\ System Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 47 Stepping 0, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 446 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 114 GB (63%) free of 180 GB
---\\ Logged in mode
Computer Name: PICASSO
User Name: HP_Propriétaire
All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HP_Propriétaire, HelpAssistant, Administrateur,
Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
%AppData%=C:\Documents and Settings\HP_Propriétaire\Application Data
%LocalAppData%=C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\HP_Propriétaire\Menu Démarrer
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 114 Go of 180 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 6 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824] [MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000] [MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.13/04/2008 00:00:00.) -- C:\Windows\System32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:53.) -- C:\Windows\System32\drivers\ntfs.sys [574976] ---\\ Processus lancés [MD5.6BDB117F5CF40FE91FF50E1BB3F28184] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [364544] [MD5.5DEBC3519D489411073FA7E56FFB4A93] - (.ALWIL Software - avast! Antivirus updating service.) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [18752] [MD5.0AAF6B848185899CF76AE04E62EAB3D2] - (.ALWIL Software - avast! antivirus service.) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe [138680] [MD5.7B8875A5B04932AC73AFD8079864DB68] - (.Realtek Semiconductor Corp. - Realtek Audio - Event Monitor.) -- C:\WINDOWS\ALCXMNTR.EXE [57344] [MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856] [MD5.BC8C698113F8576E4DB97CE2C1AED103] - (.Pas de propriétaire - ControlUtility MFC Application.) 
-- C:\Program Files\TM1184\ControlUtility\ControlUtility.exe [262144] [MD5.4367F2FBB01E4F8862E6351F1D8A16E7] - (.Emsi Software GmbH - a-squared Service.) -- C:\Program Files\a-squared Anti-Malware\a2service.exe [719392] [MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664] [MD5.112325F53AB720CA77825726D427FBDC] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [MD5.B2F564DC59B67763C73269E1A9DA7F18] - (.ALWIL Software - avast! e-Mail Scanner Service.) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [254040] [MD5.D86010C96ABADDA75356834D6113D37D] - (.ALWIL Software - avast! Web Scanner.) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [352920] [MD5.EC22CB0390D37E4FB2F174987B0E970F] - (.Nicolas Coolman - ZHPDiag.) -- C:\thomas\iufm\EmsisoftEmergencyKit\ZHPDiag2\ZHPDiag2.exe [2330128] [MD5.8C86190BAE1CE44913EE4C7108CD12FC] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\is-BRGSB.tmp\ZHPDiag2.tmp [715264] [MD5.EADCADF1AF5FBED3B517C4356811A06D] - (.Nicolas Coolman - Nettoyeur de rapport ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPFix.exe [494592] [MD5.903E617600010767AE394F8083C9B1A7] - (.Nicolas Coolman - Diagnostic Tool.) 
-- C:\Program Files\ZHPDiag\ZHPDiag.exe [632320] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [HP_Propriétaire] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX® Web Player.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. 
- Adobe Flash Player Helper 9.0 r28.) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32_FlashUtil.exe P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Web Player.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll P2 - FPN: [HKLM] [@divx.com/DivX Content Upload Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Content Upload Plugin.) -- C:\Program Files\DivX\DivX Content Uploader\npUpload.dll P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) 
-- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll M0 - MFSP: prefs.js [HP_Propriétaire - kn1t48o0.default] http://www.google.fr/firefox&client=firefox-a&rlz=1R0GGIC_fr M2 - MFEP: prefs.js [HP_Propriétaire - kn1t48o0.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.) M2 - MFEP: prefs.js [HP_Propriétaire - kn1t48o0.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.0.20100326W (.Google Inc..) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R0 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R1 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) 
(8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. 
- GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (.not file.) O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) O4 - HKLM\..\Run: [sSBkgdUpdate] C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (.not file.) O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.) O4 - HKLM\..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (.not file.) O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline O4 - HKLM\..\Run: [combofix] C:\ComboFix\CF11975.cfxxe \c C:\ComboFix\Combobatch.bat (.not file.) O4 - HKLM\..\Run: [AutoTBar] c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.exe (.not file.) O4 - HKLM\..\Run: [AlcxMonitor] . (.Realtek Semiconductor Corp. - Realtek Audio - Event Monitor.) -- C:\Windows\ALCXMNTR.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.) O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [shujesoxikayisuk] C:\WINDOWS\wintphl.dll (.not file.) 
O4 - HKCU\..\Run: [Registry Reviver] C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe (.not file.) O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\..\Run: [shujesoxikayisuk] C:\WINDOWS\wintphl.dll (.not file.) O4 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\..\Run: [Registry Reviver] C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe (.not file.) O4 - HKUS\S-1-5-21-2705973081-667088016-391471673-1008\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Dell Control Utility.lnk . (...) -- C:\Program Files\TM1184\ControlUtility\ControlUtility.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office10\OSA.EXE ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Illustrator 10.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Illustrator 10 Evaluation\Support Files\Contents\Windows\Illustrator.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ImageReady 7.0.lnk . (.Adobe Systems Incorporated.) 
-- C:\Program Files\Adobe\Photoshop 7.0\ImageReady.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop 7.0.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\HP Precisionscan Pro 3.1 .lnk . (.Hewlett-Packard.) -- C:\Program Files\Hewlett-Packard\Precisionscan Pro 3.1\HP PrecisionScan Pro.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Inkscape.lnk . (...) -- C:\Program Files\Inkscape\inkscape.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation.) -- C:\Program Files\Securitoo\Controle Parental\Controle_parental.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{9012040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{9012040C-6000-11D3-8CFE-0050048383C9}\outicon.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{9012040C-6000-11D3-8CFE-0050048383C9}\pptico.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Word.lnk . (...) 
-- C:\WINDOWS\Installer\{9012040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Multi-channel Sound Manager.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\My PC Choice.lnk . (...) -- C:\hp\VINETLINK\VINETLINK.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Examens 2008.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Multi-channel Sound Manager.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\HP_Propriétaire\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~3\Office10\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. 
- Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.) O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) 
-- C:\WINDOWS\system32\mswsock.dll ---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14) O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader4.cab O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/player/mmsPlayer.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{20AABDF5-8342-48F5-B0D9-62DA886BC0BD}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{20AABDF5-8342-48F5-B0D9-62DA886BC0BD}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{20AABDF5-8342-48F5-B0D9-62DA886BC0BD}: DhcpNameServer = 192.168.1.1 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} . (.Skyline software systems Inc. - TerraExplorerX DLL.) -- C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\Windows\System32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notification.) -- C:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) 
-- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (a2AntiMalware) . (.Emsi Software GmbH - a-squared Service.) - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: (aswUpdSv) . (.ALWIL Software - avast! Antivirus updating service.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: (avast! Antivirus) . (.ALWIL Software - avast! antivirus service.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: (avast! Mail Scanner) . (.ALWIL Software - avast! e-Mail Scanner Service.) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: (avast! Web Scanner) . (.ALWIL Software - avast! Web Scanner.) 
- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: (iPodService) . (.Apple Computer, Inc. - iPodService Module.) - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\Windows\System32\DRIVERS\AmdK8.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (ethtlmnb) . (.Windows ® Codename Longhorn DDK provider - VYNIAJF ODCJ NPCCVRVPAFH OA UX.) - C:\WINDOWS\system32\drivers\ethtlmnb.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (. - .) 
-- C:\WINDOWS\setupapi.log [5279] O44 - LFC:[MD5.89906ED9C50D5E225A03F74C994747BD] - 01/03/2011 - 09:46:37 ---A- . (.Windows ® Codename Longhorn DDK provider - VYNIAJF ODCJ NPCCVRVPAFH OA UX.) -- C:\WINDOWS\System32\drivers\ethtlmnb.sys [136192] O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 26/02/2011 - 11:44:02 ---A- . (...) -- C:\WINDOWS\setupact.log [60] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/02/2011 - 11:44:02 ---A- . (...) -- C:\WINDOWS\setuperr.log [0] O44 - LFC:[MD5.AD76942193FCA9175F33AEED2EC5077F] - 24/02/2011 - 12:13:07 ---A- . (...) -- C:\WINDOWS\System32\d3d9caps.dat [664] O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 23/02/2011 - 22:59:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [38224] O44 - LFC:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 23/02/2011 - 22:59:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [20952] O44 - LFC:[MD5.B0E279838D0137E0A1B3F557B6A2534C] - 10/02/2011 - 03:27:31 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [292480] O44 - LFC:[MD5.9DAA7218961710008D7385B01BD3F386] - 08/11/2010 - 01:20:24 ---A- . (...) -- C:\WINDOWS\MBR.exe [89088] O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 15:58:12 ---A- . (...) -- C:\WINDOWS\PEV.exe [256512] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 08:00:00 ---A- . (...) -- C:\WINDOWS\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 08:00:00 ---A- . (...) 
-- C:\WINDOWS\zip.exe [68096] ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.99184E1D6EDF866331DDFB4E45249928] - 01/03/2011 - 09:35:03 ---A- - C:\WINDOWS\Prefetch\RECGUARD .EXE-38DA81C3.pf O45 - LFCP:[MD5.EE953316C2519DF0574791C3118FC3EE] - 01/03/2011 - 09:35:06 ---A- - C:\WINDOWS\Prefetch\HPSYSDRV .EXE-3772EBA4.pf O45 - LFCP:[MD5.2EFBA5438481E42E4C53D99AE4B59FCC] - 01/03/2011 - 09:35:06 ---A- - C:\WINDOWS\Prefetch\WDFMGR.EXE-22A3D9C5.pf O45 - LFCP:[MD5.09D61257DB4C62421E8DE14970A3FC9F] - 01/03/2011 - 09:38:50 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5A9DC85C.pf O45 - LFCP:[MD5.05BABE613B210440FC3D730BD0DCAD03] - 01/03/2011 - 09:46:20 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-31B36D52.pf O45 - LFCP:[MD5.4096E5F3E6D2A1AA63946F60886AC0FD] - 01/03/2011 - 09:46:25 ---A- - C:\WINDOWS\Prefetch\NETSH.EXE-23AED181.pf O45 - LFCP:[MD5.C47BBF73760035901AD196D98F05545F] - 01/03/2011 - 10:08:28 ---A- - C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf O45 - LFCP:[MD5.0884F384B69F2689880B65F8343F282E] - 01/03/2011 - 10:23:02 ---A- - C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-024AD864.pf O45 - LFCP:[MD5.30B80FA813ADACF1E6A0447DF6C9BACF] - 01/03/2011 - 21:28:20 ---A- - C:\WINDOWS\Prefetch\COMBOFIX.EXE-22DBCA6F.pf O45 - LFCP:[MD5.6317725ED1E7E32B9029009D2B5938BF] - 01/03/2011 - 21:28:29 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-030260BF.pf O45 - LFCP:[MD5.7E67BD9E69339B6C9FF7793BDB9451C9] - 01/03/2011 - 21:28:30 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-25E064CA.pf O45 - LFCP:[MD5.ACD13CD8A3EE946AA6EA8F1E642218F9] - 01/03/2011 - 21:28:33 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-01B8D025.pf O45 - LFCP:[MD5.D143B59F5117984E47418412F59ED73F] - 01/03/2011 - 21:28:33 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-0DB651BD.pf O45 - LFCP:[MD5.2C5596EDEB91FD3BFFAB8E894A495762] - 01/03/2011 - 21:28:39 ---A- - C:\WINDOWS\Prefetch\GRPCONV.EXE-375690AD.pf O45 - LFCP:[MD5.6E2BA063B3C030B027638D4D9B5A651C] - 01/03/2011 - 21:28:39 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4853FA67.pf O45 
- LFCP:[MD5.09BBEE27B91FE5481C0BC77B2773D7D0] - 01/03/2011 - 21:28:39 ---A- - C:\WINDOWS\Prefetch\RUNONCE.EXE-01CA3A2F.pf O45 - LFCP:[MD5.0A047BA4075FA4F0B0E8FCD502BC4D51] - 01/03/2011 - 21:28:40 ---A- - C:\WINDOWS\Prefetch\GSAR.CFXXE-301E7415.pf O45 - LFCP:[MD5.4C6A47123F089E83E3770B2B3C360869] - 01/03/2011 - 21:28:42 ---A- - C:\WINDOWS\Prefetch\N.PIF-2ACDD654.pf O45 - LFCP:[MD5.B38AC7B836211011CDE7F3DE8BB713D3] - 01/03/2011 - 21:28:43 ---A- - C:\WINDOWS\Prefetch\SWREG.EXE-20DD5B9B.pf O45 - LFCP:[MD5.2BF4CED0E6A6008A579AB4663952304B] - 01/03/2011 - 21:28:49 ---A- - C:\WINDOWS\Prefetch\CSCRIPT.EXE-0A13A05C.pf O45 - LFCP:[MD5.02360BAE602431B175A62DE10AF51C36] - 01/03/2011 - 21:28:50 ---A- - C:\WINDOWS\Prefetch\PEV.EXE-0AB51BE4.pf O45 - LFCP:[MD5.7ADFB4B90DBB68F19A455E6AD9EA1580] - 01/03/2011 - 21:28:53 ---A- - C:\WINDOWS\Prefetch\CMD.CFXXE-1073D757.pf O45 - LFCP:[MD5.8AB1A22FA7C0D67453D533B1929CCC33] - 01/03/2011 - 21:28:53 ---A- - C:\WINDOWS\Prefetch\RMBR.CFXXE-2B2725AA.pf O45 - LFCP:[MD5.F163616EA02E6C21FB3B7D889A9EB9D0] - 01/03/2011 - 21:28:53 ---A- - C:\WINDOWS\Prefetch\SWREG.CFXXE-164FC802.pf O45 - LFCP:[MD5.808FF1EACE4B73A19F7E0F93BB197C0C] - 01/03/2011 - 21:28:53 ---A- - C:\WINDOWS\Prefetch\SWSC.CFXXE-1A6C2E33.pf O45 - LFCP:[MD5.62F902C5179E2C9DB01D5677365DD360] - 01/03/2011 - 21:28:54 ---A- - C:\WINDOWS\Prefetch\HANDLE.CFXXE-1ED26E07.pf O45 - LFCP:[MD5.1DDA1FCE04820A45F44A401C10FE8F7E] - 01/03/2011 - 21:29:15 ---A- - C:\WINDOWS\Prefetch\SWXCACLS.CFXXE-082AB030.pf O45 - LFCP:[MD5.02D6C2E08BFA84A2E4B3D67E3E00085B] - 01/03/2011 - 21:29:16 ---A- - C:\WINDOWS\Prefetch\ATTRIB.CFXXE-1334C304.pf O45 - LFCP:[MD5.A57593C63BAA1F567D044C1096EFE03E] - 01/03/2011 - 21:29:28 ---A- - C:\WINDOWS\Prefetch\NIRCMD.CFXXE-258F36B6.pf O45 - LFCP:[MD5.7CB1CDD753F5C365C339A162B51F4B73] - 01/03/2011 - 21:29:51 ---A- - C:\WINDOWS\Prefetch\A2EMERGENCYKIT.EXE-0AA6EBBB.pf O45 - LFCP:[MD5.3BE4FF7BBE4C8DBA2B60CFB709564CCE] - 01/03/2011 - 21:29:56 ---A- - 
C:\WINDOWS\Prefetch\START.EXE-049C4362.pf O45 - LFCP:[MD5.77E9475F68976099C1D766D0FF247333] - 01/03/2011 - 21:30:37 ---A- - C:\WINDOWS\Prefetch\CSCRIPT.CFXXE-2047784A.pf O45 - LFCP:[MD5.95639252642834AEAE6206C126DD559C] - 01/03/2011 - 21:30:37 ---A- - C:\WINDOWS\Prefetch\GREP.CFXXE-058D1CFD.pf O45 - LFCP:[MD5.B41A6F5553D5351D376F5AF9D05E0C57] - 01/03/2011 - 21:30:37 ---A- - C:\WINDOWS\Prefetch\SED.CFXXE-26699FCF.pf O45 - LFCP:[MD5.95FC338F520EB570B377FB74AE1A1DF6] - 01/03/2011 - 21:30:52 ---A- - C:\WINDOWS\Prefetch\PEV.CFXXE-234F95B8.pf O45 - LFCP:[MD5.767854AB5DB79056181E1BB29EB0AF44] - 01/03/2011 - 21:30:53 ---A- - C:\WINDOWS\Prefetch\HIDEC.EXE-110154A1.pf O45 - LFCP:[MD5.82D046310C880759EF2DB347BF6EC11B] - 01/03/2011 - 21:30:53 ---A- - C:\WINDOWS\Prefetch\PEV.EXE-38CD9EA3.pf O45 - LFCP:[MD5.59BD2FE4477323DAAC98457E4680430F] - 01/03/2011 - 21:30:54 ---A- - C:\WINDOWS\Prefetch\ATTRIB.EXE-15ACDFFE.pf O45 - LFCP:[MD5.99BC49B924B010E6E1CEFC8ADD8B7459] - 01/03/2011 - 21:31:03 ---A- - C:\WINDOWS\Prefetch\PEV.CFXXE-163A75C2.pf O45 - LFCP:[MD5.F67B438295E32FB33E8AC1B6FA63F48A] - 01/03/2011 - 21:31:04 ---A- - C:\WINDOWS\Prefetch\NIRCMD.CFXXE-13FF818C.pf O45 - LFCP:[MD5.C428F163E504EC4D3754399601A2A20F] - 01/03/2011 - 21:31:05 ---A- - C:\WINDOWS\Prefetch\ATTRIB.CFXXE-2659F53E.pf O45 - LFCP:[MD5.2B924227E9A6A886D0E2AAFE429727E8] - 01/03/2011 - 21:31:05 ---A- - C:\WINDOWS\Prefetch\SED.CFXXE-13206BAB.pf O45 - LFCP:[MD5.49C3C8538D86D854ABA386A5F6D02B71] - 01/03/2011 - 21:31:06 ---A- - C:\WINDOWS\Prefetch\CF10215.CFXXE-046019A3.pf O45 - LFCP:[MD5.D1C548DE8823D40D25A6A659174FD8CB] - 01/03/2011 - 21:31:06 ---A- - C:\WINDOWS\Prefetch\CHCP.COM-17EDBDC9.pf O45 - LFCP:[MD5.49E08B8BDD9A999D607814E5CFE30188] - 01/03/2011 - 21:31:06 ---A- - C:\WINDOWS\Prefetch\GREP.CFXXE-1143901C.pf O45 - LFCP:[MD5.76EA69546FDF04BDC1B4749EC2639A7F] - 01/03/2011 - 21:31:06 ---A- - C:\WINDOWS\Prefetch\NIRCMDC.CFXXE-1A723DB9.pf O45 - LFCP:[MD5.2EF00E0D1ED7C2CF8129D20C356BBCEC] - 01/03/2011 - 21:31:06 ---A- 
- C:\WINDOWS\Prefetch\SWREG.CFXXE-2EA30468.pf O45 - LFCP:[MD5.7FA38DE026F46EC1BF0769D11E122D99] - 03/03/2011 - 15:53:39 ---A- - C:\WINDOWS\Prefetch\CF11975.CFXXE-12829B90.pf O45 - LFCP:[MD5.196C191DBDB2144D2158B19B531BB771] - 03/03/2011 - 15:53:40 ---A- - C:\WINDOWS\Prefetch\ADOBE GAMMA LOADER.EXE-14139C8F.pf O45 - LFCP:[MD5.A087063BB2F9F0B7157DAEE914D8E33C] - 03/03/2011 - 15:53:40 ---A- - C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf O45 - LFCP:[MD5.D4BBE8676A685F162518B67CFCEE65EC] - 03/03/2011 - 15:53:42 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-45BE1599.pf O45 - LFCP:[MD5.04A0AA25A2C7862B68CE897120846CD1] - 03/03/2011 - 15:53:43 ---A- - C:\WINDOWS\Prefetch\CONTROLUTILITY.EXE-146DDA10.pf O45 - LFCP:[MD5.FFAF3BB371F62EAFFA68605C200B7E91] - 03/03/2011 - 15:53:43 ---A- - C:\WINDOWS\Prefetch\CTFMON.EXE-05E57A5E.pf O45 - LFCP:[MD5.B31099C9247B7162767707F754CB79F4] - 03/03/2011 - 15:53:44 ---A- - C:\WINDOWS\Prefetch\DUMPREP.EXE-0AF2BF67.pf O45 - LFCP:[MD5.0C931E94E2F5ED01CE232C68B55C52F2] - 03/03/2011 - 15:53:47 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-2F4A2F77.pf O45 - LFCP:[MD5.C4A7C22F8F616A3EEE6CF6F48FD1F289] - 03/03/2011 - 15:54:45 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf O45 - LFCP:[MD5.B01294B5DC6CC9BDFE9A981DFB63529D] - 06/03/2011 - 22:39:36 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-1D8A4379.pf O45 - LFCP:[MD5.B9AAC1DE7551473E1DB6B8505ED1E492] - 06/03/2011 - 22:39:38 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf O45 - LFCP:[MD5.3173FB39D5C6ED61A1BE71A8C91C8A41] - 06/03/2011 - 22:43:04 ---A- - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-1A61B617.pf O45 - LFCP:[MD5.902EAA8D313C0E546C745F1343C6BFE4] - 06/03/2011 - 22:43:09 ---A- - C:\WINDOWS\Prefetch\WINRAR.EXE-0AA31BB9.pf O45 - LFCP:[MD5.4B391E36B480738545BA49AB826A92D5] - 06/03/2011 - 22:43:50 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-1FC25D32.pf O45 - LFCP:[MD5.09AA997B9723DE0903022F198B0976DA] - 06/03/2011 - 22:51:21 ---A- - C:\WINDOWS\Prefetch\LADS.EXE-0D3BCDEA.pf O45 - 
LFCP:[MD5.9476AC78E9D17F3D151B59453D542887] - 06/03/2011 - 22:51:24 ---A- - C:\WINDOWS\Prefetch\SETACL.EXE-089EBA3B.pf O45 - LFCP:[MD5.A066EDEF9C76A7FD2A5EC8ED752496CA] - 06/03/2011 - 22:51:24 ---A- - C:\WINDOWS\Prefetch\SUBINACL.EXE-041720E4.pf O45 - LFCP:[MD5.902BCD3E8DBFBC5C4F3AE2AD2F146EC4] - 06/03/2011 - 23:14:49 ---A- - C:\WINDOWS\Prefetch\SIGCHECK.EXE-01148FB6.pf O45 - LFCP:[MD5.528FE1D533CB76A13C099F5A6792B8A2] - 06/03/2011 - 23:22:18 ---A- - C:\WINDOWS\Prefetch\MBR.EXE-1F08BE4E.pf O45 - LFCP:[MD5.67F49BAC01AB871986936B75C31C60AC] - 06/03/2011 - 23:22:20 ---A- - C:\WINDOWS\Prefetch\MBRCHECK.EXE-06704EA0.pf O45 - LFCP:[MD5.54C91CD5B2F98E9616F49A225708A358] - 07/03/2011 - 01:05:38 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf O45 - LFCP:[MD5.7F247B1A3CE7B6C6CC3933D2CB944159] - 07/03/2011 - 01:05:38 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf O45 - LFCP:[MD5.9A67C2DEBA91DA60AAFFAC568ADCED22] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf O45 - LFCP:[MD5.910D51E3A4C7522F154B4744B4910990] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\ASHMAISV.EXE-072F6A23.pf O45 - LFCP:[MD5.E567B5314A3F1CD3D386A8BCFB04282E] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\ASHWEBSV.EXE-3530B302.pf O45 - LFCP:[MD5.1795BAA536EB52461C6F21F74A307C74] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf O45 - LFCP:[MD5.C27DB50D3A03074E7D961B77029B7560] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.0392BFCB78C552A2AF18F93F102C5A25] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\WMIAPSRV.EXE-02740A4B.pf O45 - LFCP:[MD5.F801017D3F134A1273C3B28C85CFF1C9] - 07/03/2011 - 02:48:20 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf O45 - LFCP:[MD5.F6ABCC5ADA1FFD0B785051B8AEA00132] - 07/03/2011 - 02:48:21 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf O45 - LFCP:[MD5.BFFAA9C970CA3FCF946527E34586B8DA] - 07/03/2011 - 02:48:21 ---A- - 
C:\WINDOWS\Prefetch\WGATRAY.EXE-350D4455.pf O45 - LFCP:[MD5.C55B627C95AE03EB439FA091D9782F4A] - 07/03/2011 - 03:13:26 ---A- - C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:[MD5.F7E1558DD97D999BE1A7709A19EA560B] - 07/03/2011 - 03:47:10 ---A- - C:\WINDOWS\Prefetch\SSPIPES.SCR-111D20AE.pf O45 - LFCP:[MD5.63CCE8E2E844C45E23FD68C34D0A1A2B] - 07/03/2011 - 07:01:19 ---A- - C:\WINDOWS\Prefetch\AVAST.SETUP-295443AF.pf O45 - LFCP:[MD5.0D3660C9469EE0BFDF2863B07D94B69C] - 07/03/2011 - 08:50:30 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf O45 - LFCP:[MD5.1CB43A581ACA58E49BC2CBC57D1737F1] - 07/03/2011 - 09:53:35 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-160E1F62.pf O45 - LFCP:[MD5.6DDA7AF37065B88E9AC2965EF5487F8E] - 07/03/2011 - 09:57:18 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf O45 - LFCP:[MD5.EF429BD7BCAA80E4E31A1CB02312DE4D] - 07/03/2011 - 09:58:13 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-2AB7F0EA.pf O45 - LFCP:[MD5.DD75F0F63239C818C203D88622F8A6EF] - 07/03/2011 - 09:58:30 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.EXE-234F2181.pf O45 - LFCP:[MD5.C2CE0EA7D177302FD60C8D318D900C06] - 07/03/2011 - 09:58:30 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG2.TMP-10870A95.pf O45 - LFCP:[MD5.C688D7D4CA2869552B05DAA33F1480F3] - 07/03/2011 - 09:58:54 ---A- - C:\WINDOWS\Prefetch\ZHPFIX.EXE-29819034.pf O45 - LFCP:[MD5.3C9B1B04F76FCB42D756F61293395907] - 07/03/2011 - 09:59:57 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25C13877.pf O45 - LFCP:[MD5.CE7B66140D094A1D61BFF54025095E48] - 07/03/2011 - 10:00:19 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf O45 - LFCP:[MD5.4525C7405DC7F1829997E6545ACDB7E0] - 22/02/2011 - 09:53:21 ---A- - C:\WINDOWS\Prefetch\CNMSE8R.EXE-2B10576F.pf O45 - LFCP:[MD5.6D42ABD74D837A13F05A5C97655A7E17] - 22/02/2011 - 09:53:40 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-421209DA.pf O45 - LFCP:[MD5.21F744FBB4F6EE11DD8FA89CBC3BBC13] - 24/02/2011 - 09:46:28 ---A- - C:\WINDOWS\Prefetch\IPODSERVICE.EXE-37043579.pf O45 - LFCP:[MD5.B95D681D60F978A1A5EA060B1EC36475] - 24/02/2011 - 
09:50:42 ---A- - C:\WINDOWS\Prefetch\JAVA.EXE-32FD225F.pf O45 - LFCP:[MD5.60D1EDEFD35604B06281856BD796402C] - 25/02/2011 - 17:52:21 ---A- - C:\WINDOWS\Prefetch\QTTASK.EXE-1876A1A1.pf O45 - LFCP:[MD5.619F72C05661E87C5B52DF0B56D14203] - 25/02/2011 - 17:52:42 ---A- - C:\WINDOWS\Prefetch\QTTASK .EXE-0A89F0A0.pf O45 - LFCP:[MD5.899DCA9FC7E13DD55A23F4DBDFE406A3] - 25/02/2011 - 17:53:10 ---A- - C:\WINDOWS\Prefetch\QTTASK .EXE-32F537AF.pf O45 - LFCP:[MD5.3007A8241FC707E612766D9D851F9AAF] - 25/02/2011 - 17:53:33 ---A- - C:\WINDOWS\Prefetch\QTTASK .EXE-2A835E82.pf O45 - LFCP:[MD5.248E1F07EAC11A6D4E7CA7EABF3E5C96] - 25/02/2011 - 17:53:53 ---A- - C:\WINDOWS\Prefetch\QTTASK .EXE-01444BFF.pf O45 - LFCP:[MD5.A3D624C2E4E9995A4EBD9EDB8A022640] - 25/02/2011 - 17:54:32 ---A- - C:\WINDOWS\Prefetch\QTTASK .EXE-2AEB2148.pf O45 - LFCP:[MD5.839BF623B6F20929E1728DCAE65A114A] - 26/02/2011 - 11:25:49 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-58CC116F.pf O45 - LFCP:[MD5.8AB3D37E52435EE073AB3419603216CF] - 26/02/2011 - 11:26:13 ---A- - C:\WINDOWS\Prefetch\73UABUBD.EXE-2B9EDE79.pf O45 - LFCP:[MD5.6ADE2AD16F41B8EF92E27C43F0881A3B] - 26/02/2011 - 11:43:37 ---A- - C:\WINDOWS\Prefetch\TASKMGR.EXE-06144C13.pf O45 - LFCP:[MD5.E78DA2B758CCC16184469FB176C0536E] - 26/02/2011 - 14:24:40 ---A- - C:\WINDOWS\Prefetch\MBAM.EXE-0D37CDF0.pf O45 - LFCP:[MD5.666CFCF0392BEAA4CD64349CB28DF35E] - 26/02/2011 - 14:26:07 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Computer, Inc. - iTunes.) 
-- C:\Program Files\iTunes\iTunes.exe O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\waol.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\AOL 9.0\waol.exe (.not file.) O47 - AAKE:Key Export SP - "E:\Setup.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- E:\Setup.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe" [Enabled] .(.Microsoft Corporation - Microsoft Flight Simulator.) -- C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpnsvr.exe" [Enabled] .(.Microsoft Corporation - Microsoft DirectPlay8 Server.) -- C:\WINDOWS\system32\dpnsvr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Real\RealPlayer\realplay.exe" [Enabled] .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) 
-- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (.not file.) 
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\Kazaa\kazaa.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kazaa\kazaa.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe" [Disabled] .(.KONAMI - pes6.exe.) -- C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\igbi\setup.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Temp\igbi\setup.exe (.not file.) O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%ProgramFiles%\iTunes\iTunes.exe" [Enabled] .(.Apple Computer, Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) 
-- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . 
(.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.4.0 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) 
-- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ---\\ Recherche de Drivers Rootkit (O57) O57 - SDR:Search Drivers Rootkit - ( - .) -- ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.1F61CACACB521215F39061789147968C] - 30/04/2004 - 09:37:02 ---A- . (.Pas de propriétaire - Plug and Play BIOS Extension.) -- C:\WINDOWS\system32\drivers\a347bus.sys [160640] O58 - SDL:[MD5.113E4B318BBAA7483CA4E582A4D63F49] - 30/04/2004 - 09:33:00 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\drivers\a347scsi.sys [5248] O58 - SDL:[MD5.2CCFA74242741CA22A4267CCE9B586F4] - 24/11/2009 - 23:47:54 ---A- . (.ALWIL Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [27408] O58 - SDL:[MD5.2F7F3E8DA380325866E566F5D5EC23D5] - 21/05/2010 - 15:17:16 ---A- . 
(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [20747] O58 - SDL:[MD5.781C5EC517C53F5214B61253B20C13C4] - 20/04/2005 - 19:00:56 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2317696] O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 09/03/2005 - 22:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008] O58 - SDL:[MD5.B4079A98F294A3E262872CB76F4849F0] - 24/11/2009 - 23:50:00 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [20560] O58 - SDL:[MD5.F5296ECFCBFE5935253AE6C29E6D086E] - 24/11/2009 - 23:51:09 ---A- . (.ALWIL Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [93424] O58 - SDL:[MD5.DBEE7B5ECB50FC2CF9323F52CBF41141] - 24/11/2009 - 23:50:59 ---A- . (.ALWIL Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [94160] O58 - SDL:[MD5.8080D683489C99CBACE813F6FA4069CC] - 24/11/2009 - 23:48:57 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [23120] O58 - SDL:[MD5.2E5A2AD5004B55DF39B7606130A88142] - 24/11/2009 - 23:50:12 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [114768] O58 - SDL:[MD5.D4C83A37EFADFA2C398362E0776E3773] - 24/11/2009 - 23:49:07 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [48560] O58 - SDL:[MD5.B0ED1300F915817C00DCFD7F84EE1300] - 13/04/2008 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] O58 - SDL:[MD5.E9EBF7DCA6C5EB9C597035A10A5A6A1B] - 06/04/2005 - 05:58:48 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) 
-- C:\WINDOWS\system32\drivers\ati2mtag.sys [1035776] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 05/08/2004 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 05/08/2004 - 19:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.9085EBEED5503C392B03F4CC129D779B] - 09/08/2002 - 14:46:10 ---A- . (.DELL Corporation - DELL Wireless NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\DELUSB_51.sys [606208] O58 - SDL:[MD5.89906ED9C50D5E225A03F74C994747BD] - 01/03/2011 - 09:46:37 ---A- . (.Windows ® Codename Longhorn DDK provider - VYNIAJF ODCJ NPCCVRVPAFH OA UX.) -- C:\WINDOWS\system32\drivers\ethtlmnb.sys [136192] O58 - SDL:[MD5.2FB04DB459C71F416EE8B05448CA4AC3] - 14/09/2004 - 21:38:26 ---A- . (.GEAR Software Inc. - CDRom Class Filter Driver.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [13872] O58 - SDL:[MD5.30CA91E657CEDE2F95359D6EF186F650] - 13/04/2006 - 02:04:39 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49664] O58 - SDL:[MD5.EFD31AFA752AA7C7BBB57BCBE2B01C78] - 13/04/2006 - 02:04:39 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496] O58 - SDL:[MD5.7AC43C38CA8FD7ED0B0A4466F753E06E] - 13/04/2006 - 02:04:39 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568] O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 04/08/2004 - 07:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) 
-- C:\WINDOWS\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.505CBA425DF3BB230F244E1C23221058] - 19/01/2005 - 17:21:56 ---A- . (.Windows ® 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\PcdrNdisuio.sys [12416] O58 - SDL:[MD5.231F133B4A5A04307ABD95CAC80FD063] - 23/03/2000 - 05:42:24 ---A- . (.PC-Doctor Inc. - PC-Doctor NT Support Driver.) -- C:\WINDOWS\system32\drivers\PcdrNt.sys [44192] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 12/12/2005 - 17:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.2EF9C0DC26B30B2318B1FC3FAA1F0AE7] - 04/10/2002 - 18:04:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139/810x Family NDIS 5.1 Drv.) -- C:\WINDOWS\system32\drivers\R8139n51.sys [46976] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 05/08/2004 - 19:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.4F153709D0691C6DE8C9A4C5E813907C] - 02/10/2007 - 03:06:40 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) 
-- C:\WINDOWS\system32\drivers\rt73.sys [451968] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 04/08/2004 - 05:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A1ECEEAA5C5E74B2499EB51D38185B84] - 17/08/2001 - 21:56:16 ---A- . (.Sony Corporation - Sony USB Lower Filter driver.) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS [7552] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 05/08/2004 - 19:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 05/08/2004 - 19:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.FE5F310E37E228022C48EFA7BFC31C28] - 01/01/2005 - 22:47:13 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13859] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.6BDADA8549301714A96F0A11AB7E1044] - 26/10/1998 - 22:26:20 ---A- . (...) -- C:\WINDOWS\system32\Digita.sys [65864] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 05/08/2004 - 19:00:00 ---A- . (...) 
-- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 05/08/2004 - 19:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 24/08/2009 - 13:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688] O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 24/08/2009 - 13:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) 
-- C:\WINDOWS\system32\pcandis5.sys [32128] ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created
06/03/2011 - 16:44:49 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@opt.fimserve[2].txt [445] O61 - LFC:Last File Created 06/03/2011 - 16:44:51 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\49OKM4K6\www.myspace[1].xml [14461] O61 - LFC:Last File Created 06/03/2011 - 16:45:03 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@intellitxt[2].txt [127] O61 - LFC:Last File Created 06/03/2011 - 16:45:06 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@abmr[2].txt [200] O61 - LFC:Last File Created 06/03/2011 - 16:45:07 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@collective-media[1].txt [557] O61 - LFC:Last File Created 06/03/2011 - 16:45:07 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@nexac[1].txt [71] O61 - LFC:Last File Created 06/03/2011 - 16:45:09 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@neowin[1].txt [466] O61 - LFC:Last File Created 06/03/2011 - 16:45:10 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@bluekai[1].txt [953] O61 - LFC:Last File Created 06/03/2011 - 16:45:12 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@crowdscience[1].txt [94] O61 - LFC:Last File Created 06/03/2011 - 16:45:13 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.neowin[1].txt [260] O61 - LFC:Last File Created 06/03/2011 - 16:45:47 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@google[2].txt [130] O61 - LFC:Last File Created 06/03/2011 - 16:45:53 ---A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Macromedia\Flash Player\#SharedObjects\TXLEA5PB\s.ytimg.com\soundData.sol [49] O61 - LFC:Last File Created 06/03/2011 - 16:45:56 ---A- C:\Documents And 
Settings\Administrateur.PICASSO\Cookies\administrateur@google[3].txt [348] O61 - LFC:Last File Created 06/03/2011 - 16:46:21 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.popeater[1].txt [176] O61 - LFC:Last File Created 06/03/2011 - 16:46:23 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@aol[1].txt [112] O61 - LFC:Last File Created 06/03/2011 - 16:46:29 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@at.atwola[1].txt [310] O61 - LFC:Last File Created 06/03/2011 - 16:46:29 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@atwola[1].txt [73] O61 - LFC:Last File Created 06/03/2011 - 16:46:33 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@popeater[2].txt [374] O61 - LFC:Last File Created 06/03/2011 - 16:46:38 ---A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Microsoft\Internet Explorer\UserData\7YJCOX3V\pmocntr2[1].xml [42] O61 - LFC:Last File Created 06/03/2011 - 16:46:38 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@b.aol[2].txt [108] O61 - LFC:Last File Created 06/03/2011 - 16:47:16 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.googleadservices[2].txt [522] O61 - LFC:Last File Created 06/03/2011 - 16:47:16 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.modatoi[2].txt [80] O61 - LFC:Last File Created 06/03/2011 - 16:47:18 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@modatoi[2].txt [381] O61 - LFC:Last File Created 06/03/2011 - 16:47:22 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@thefreaksquad[1].txt [83] O61 - LFC:Last File Created 06/03/2011 - 16:47:23 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@faniq[1].txt [227] O61 - LFC:Last File Created 06/03/2011 - 16:47:36 ---A- C:\Documents And 
Settings\Administrateur.PICASSO\Cookies\administrateur@webadgency.solution.weborama[2].txt [133] O61 - LFC:Last File Created 06/03/2011 - 16:47:38 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@d.psa-ads.openx[2].txt [112] O61 - LFC:Last File Created 06/03/2011 - 16:49:43 -SHA- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Historique\History.IE5\MSHist012011030420110305\index.dat [32768] O61 - LFC:Last File Created 06/03/2011 - 16:51:20 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@youtube[1].txt [179] O61 - LFC:Last File Created 06/03/2011 - 16:51:24 ---A- C:\Documents And Settings\Administrateur.PICASSO\Application Data\Macromedia\Flash Player\#SharedObjects\TXLEA5PB\s.ytimg.com\videostats.sol [199] O61 - LFC:Last File Created 06/03/2011 - 17:03:18 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.alternatehistory[2].txt [275] O61 - LFC:Last File Created 06/03/2011 - 17:04:22 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@forum.zebulon[2].txt [392] O61 - LFC:Last File Created 06/03/2011 - 17:04:22 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.zebulon[1].txt [98] O61 - LFC:Last File Created 06/03/2011 - 17:04:22 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@zebulon[1].txt [429] O61 - LFC:Last File Created 06/03/2011 - 17:04:23 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@specificclick[2].txt [259] O61 - LFC:Last File Created 06/03/2011 - 17:04:31 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@www.beaute-test[2].txt [163] O61 - LFC:Last File Created 06/03/2011 - 17:04:37 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@cas.criteo[1].txt [257] O61 - LFC:Last File Created 06/03/2011 - 17:04:37 ---A- C:\Documents And 
Settings\Administrateur.PICASSO\Cookies\administrateur@criteo[1].txt [1687] O61 - LFC:Last File Created 06/03/2011 - 17:04:38 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{B1113C42-4731-11E0-84C5-0013D326442E}.dat [3584] O61 - LFC:Last File Created 06/03/2011 - 17:04:39 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@outbrain[2].txt [394] O61 - LFC:Last File Created 06/03/2011 - 17:04:39 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@tacoda.at.atwola[1].txt [522] O61 - LFC:Last File Created 06/03/2011 - 17:04:40 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{6F92C166-480B-11E0-84C8-0013D326442E}.dat [905728] O61 - LFC:Last File Created 06/03/2011 - 17:08:04 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@metaffiliation[1].txt [1522] O61 - LFC:Last File Created 06/03/2011 - 17:08:26 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\index.dat [65536] O61 - LFC:Last File Created 06/03/2011 - 17:08:26 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Historique\History.IE5\index.dat [212992] O61 - LFC:Last File Created 06/03/2011 - 17:08:26 -SHA- C:\Documents And Settings\Administrateur.PICASSO\IETldCache\index.dat [262144] O61 - LFC:Last File Created 06/03/2011 - 17:08:26 -SHA- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768] O61 - LFC:Last File Created 06/03/2011 - 17:08:26 -SHA- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Historique\History.IE5\MSHist012011030620110307\index.dat [65536] O61 - LFC:Last File Created 06/03/2011 - 17:08:26 -SHA- C:\Documents And Settings\Administrateur.PICASSO\PrivacIE\index.dat [786432] O61 - LFC:Last File Created 06/03/2011 - 
17:08:28 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@msn[2].txt [458] O61 - LFC:Last File Created 06/03/2011 - 17:08:28 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@scorecardresearch[1].txt [112] O61 - LFC:Last File Created 06/03/2011 - 17:08:30 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@boursoramabanque.solution.weborama[2].txt [493] O61 - LFC:Last File Created 06/03/2011 - 17:08:31 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@fr.yahoo[2].txt [566] O61 - LFC:Last File Created 06/03/2011 - 17:08:37 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@adinterax[2].txt [185] O61 - LFC:Last File Created 06/03/2011 - 17:08:42 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@yahoo[1].txt [727] O61 - LFC:Last File Created 06/03/2011 - 17:08:45 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@ad.yieldmanager[1].txt [2760] O61 - LFC:Last File Created 06/03/2011 - 17:08:45 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@smartadserver[2].txt [990] O61 - LFC:Last File Created 06/03/2011 - 17:08:54 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@reactivpub[2].txt [216] O61 - LFC:Last File Created 06/03/2011 - 17:09:11 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@adnext[2].txt [601] O61 - LFC:Last File Created 06/03/2011 - 17:09:29 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@beaute-test[2].txt [388] O61 - LFC:Last File Created 06/03/2011 - 17:09:30 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@betracking[2].txt [207] O61 - LFC:Last File Created 06/03/2011 - 17:09:30 ---A- C:\Documents And Settings\Administrateur.PICASSO\Cookies\administrateur@tracking.publicidees[1].txt [241] O61 - LFC:Last File Created 
06/03/2011 - 17:09:31 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{6F92C167-480B-11E0-84C8-0013D326442E}.dat [3584] O61 - LFC:Last File Created 06/03/2011 - 17:09:31 ---A- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{1E2B1624-480C-11E0-84C8-0013D326442E}.dat [98816] O61 - LFC:Last File Created 06/03/2011 - 22:36:36 --HA- C:\Documents And Settings\Administrateur.PICASSO\NTUSER.DAT [5242880] O61 - LFC:Last File Created 06/03/2011 - 22:36:37 --HA- C:\Documents And Settings\Administrateur.PICASSO\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024] O61 - LFC:Last File Created 06/03/2011 - 22:36:37 -SHA- C:\Documents And Settings\Administrateur.PICASSO\ntuser.ini [184] O61 - LFC:Last File Created 06/03/2011 - 22:37:39 -SH-- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:37:51 -SH-- C:\Documents And Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:38:01 -SH-- C:\Documents And Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\0T3SAX82\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:38:01 -SH-- C:\Documents And Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\1FM43AJG\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:38:01 -SH-- C:\Documents And Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\7A6JPRG0\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:38:01 -SH-- C:\Documents And Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\IWMP6LFD\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:38:01 -SH-- C:\Documents And 
Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:38:02 -SH-- C:\Documents And Settings\LocalService\Local Settings\temp\History\History.IE5\desktop.ini [145] O61 - LFC:Last File Created 06/03/2011 - 22:39:00 -SH-- C:\Documents And Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini [67] O61 - LFC:Last File Created 06/03/2011 - 22:39:07 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFFEE2.tmp [0] O61 - LFC:Last File Created 06/03/2011 - 22:39:18 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DF9CA6.tmp [0] O61 - LFC:Last File Created 06/03/2011 - 22:39:18 ---A- C:\Documents And Settings\HP_Propriétaire\UserData\index.dat [32768] O61 - LFC:Last File Created 06/03/2011 - 22:39:18 -SHA- C:\Documents And Settings\HP_Propriétaire\PrivacIE\index.dat [16187392] O61 - LFC:Last File Created 06/03/2011 - 22:39:24 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFBACE.tmp [32768] O61 - LFC:Last File Created 06/03/2011 - 22:39:24 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFBB4B.tmp [512] O61 - LFC:Last File Created 06/03/2011 - 22:39:25 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFBC66.tmp [16384] O61 - LFC:Last File Created 06/03/2011 - 22:39:25 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFBCE7.tmp [512] O61 - LFC:Last File Created 06/03/2011 - 22:39:25 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFBE80.tmp [32768] O61 - LFC:Last File Created 06/03/2011 - 22:39:25 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\~DFBF84.tmp [512] O61 - LFC:Last File Created 06/03/2011 - 22:39:49 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@atdmt.combing[3].txt [251] O61 - LFC:Last File Created 06/03/2011 - 22:39:49 ---A- C:\Documents And 
Settings\HP_Propriétaire\Cookies\hp_propriétaire@atdmt[3].txt [235] O61 - LFC:Last File Created 06/03/2011 - 22:39:49 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@live[3].txt [233] O61 - LFC:Last File Created 06/03/2011 - 22:39:49 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@msn[2].txt [234] O61 - LFC:Last File Created 06/03/2011 - 22:39:49 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@windowsmarketplace[3].txt [261] O61 - LFC:Last File Created 06/03/2011 - 22:39:49 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@zune[3].txt [233] O61 - LFC:Last File Created 06/03/2011 - 22:40:03 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@zebulon[2].txt [464] O61 - LFC:Last File Created 06/03/2011 - 22:40:13 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@forum.zebulon[1].txt [393] O61 - LFC:Last File Created 06/03/2011 - 22:40:19 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@www.zebulon[1].txt [100] O61 - LFC:Last File Created 06/03/2011 - 22:40:21 ---A- C:\Documents And Settings\HP_Propriétaire\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [434] O61 - LFC:Last File Created 06/03/2011 - 22:40:22 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@specificclick[1].txt [259] O61 - LFC:Last File Created 06/03/2011 - 22:40:25 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\hp_propriétaire@fr.a2dfp[2].txt [103] O61 - LFC:Last File Created 06/03/2011 - 22:40:28 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{30287258-483A-11E0-84C9-0013D326442E}.dat [17408] O61 - LFC:Last File Created 06/03/2011 - 22:40:44 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Internet 
Explorer\Recovery\Active\{60AE0DFC-483A-11E0-84C9-0013D326442E}.dat [4096] O61 - LFC:Last File Created 06/03/2011 - 22:41:04 ---A- C:\Documents And Settings\HP_Propriétaire\Recent\ZHPDiag2.lnk [500] O61 - LFC:Last File Created 06/03/2011 - 22:41:04 ---A- C:\Documents And Settings\HP_Propriétaire\Recent\iufm.lnk [481] O61 - LFC:Last File Created 06/03/2011 - 22:42:28 -SHA- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768] O61 - LFC:Last File Created 06/03/2011 - 22:42:28 -SHA- C:\Documents And Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\MSHist012011030620110307\index.dat [32768] O61 - LFC:Last File Created 06/03/2011 - 22:42:32 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{24B8AAA3-483A-11E0-84C9-0013D326442E}.dat [5120] O61 - LFC:Last File Created 06/03/2011 - 22:42:32 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A159D73C-483A-11E0-84C9-0013D326442E}.dat [4096] O61 - LFC:Last File Created 06/03/2011 - 22:43:06 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Adobe\Color\ACECache10.lst [46137] O61 - LFC:Last File Created 06/03/2011 - 22:43:52 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\ZHP\ZHPDiag.lnk [489] O61 - LFC:Last File Created 06/03/2011 - 22:43:53 ---A- C:\Documents And Settings\All Users\Bureau\MBRCheck.lnk [716] O61 - LFC:Last File Created 06/03/2011 - 22:43:53 ---A- C:\Documents And Settings\All Users\Bureau\ZHPDiag.lnk [709] O61 - LFC:Last File Created 06/03/2011 - 22:43:53 ---A- C:\Documents And Settings\All Users\Bureau\ZHPFix.lnk [704] O61 - LFC:Last File Created 06/03/2011 - 23:13:40 --HA- C:\Documents And Settings\Administrateur.PICASSO\ntuser.dat.LOG [1024] O61 - LFC:Last File Created 06/03/2011 - 23:14:50 -S-A- C:\Documents And 
Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 [18] O61 - LFC:Last File Created 06/03/2011 - 23:14:50 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A [528] O61 - LFC:Last File Created 06/03/2011 - 23:14:50 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 [216] O61 - LFC:Last File Created 06/03/2011 - 23:14:50 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A [140] O61 - LFC:Last File Created 06/03/2011 - 23:15:07 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\Content\F482C95F83F1B59228F1B1E720F2EDF1 [70226] O61 - LFC:Last File Created 06/03/2011 - 23:15:07 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\MetaData\F482C95F83F1B59228F1B1E720F2EDF1 [128] O61 - LFC:Last File Created 06/03/2011 - 23:15:16 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\Content\1B749B72855CB97BF2F58675617C9BF9 [576] O61 - LFC:Last File Created 06/03/2011 - 23:15:16 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\MetaData\1B749B72855CB97BF2F58675617C9BF9 [162] O61 - LFC:Last File Created 06/03/2011 - 23:15:32 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217 [569] O61 - LFC:Last File Created 06/03/2011 - 23:15:32 -S-A- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217 [142] O61 - LFC:Last File Created 07/03/2011 - 02:46:36 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 07/03/2011 - 02:46:36 
-SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 07/03/2011 - 02:46:37 -SHA- C:\Documents And Settings\HP_Propriétaire\Local Settings\desktop.ini [62] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [81920] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [311296] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 -SHA- C:\Documents And Settings\HP_Propriétaire\Application Data\Microsoft\Credentials\S-1-5-21-2705973081-667088016-391471673-1008\Credentials [524] O61 - LFC:Last File Created 07/03/2011 - 02:46:38 -SHA- C:\Documents And Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-2705973081-667088016-391471673-1008\Credentials [4626] O61 - LFC:Last File Created 07/03/2011 - 02:46:57 ---A- C:\Documents And Settings\HP_Propriétaire\Cookies\index.dat [786432] O61 - LFC:Last File Created 07/03/2011 - 02:46:57 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat [3342336] O61 - LFC:Last File Created 07/03/2011 - 02:46:57 -SHA- C:\Documents And Settings\HP_Propriétaire\IETldCache\index.dat [262144] O61 - LFC:Last File Created 07/03/2011 - 02:47:01 -SHA- C:\Documents And Settings\LocalService\Local Settings\temp\Cookies\index.dat [16384] O61 - LFC:Last File Created 07/03/2011 - 02:47:01 -SHA- C:\Documents And Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat [32768] O61 - LFC:Last File Created 07/03/2011 - 02:47:01 -SHA- C:\Documents And Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat [16384] O61 - LFC:Last File Created 07/03/2011 - 02:48:22 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [5535] O61 - LFC:Last File Created 07/03/2011 - 02:48:22 ---A- 
C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [5535] O61 - LFC:Last File Created 07/03/2011 - 07:01:30 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384] O61 - LFC:Last File Created 07/03/2011 - 07:01:30 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768] O61 - LFC:Last File Created 07/03/2011 - 09:58:03 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\is-BRGSB.tmp\ZHPDiag2.tmp [715264] O61 - LFC:Last File Created 07/03/2011 - 09:58:03 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\is-H49TP.tmp\_isetup\_RegDLL.tmp [4096] O61 - LFC:Last File Created 07/03/2011 - 09:58:03 ---A- C:\Documents And Settings\HP_Propriétaire\Local Settings\Temp\is-H49TP.tmp\_isetup\_shfoldr.dll [23312] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - (.not file.) - 58a5c980 (58a5c980) .(...) - LEGACY_58A5C980 O64 - Services: CurCS - C:\Program Files\a-squared Anti-Malware\a2service.exe - a-squared Anti-Malware Service (a2AntiMalware) .(.Emsi Software GmbH - a-squared Service.) - LEGACY_A2ANTIMALWARE O64 - Services: CurCS - C:\Windows\System32\Drivers\a347scsi.sys - a347scsi (a347scsi) .(.Pas de propriétaire - SCSI miniport.) - LEGACY_A347SCSI O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\AAVMKER4.sys - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(...) - LEGACY_AAVMKER4 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.4.3.0 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) 
- LEGACY_AFD O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394 O64 - Services: CurCS - C:\Windows\System32\DRIVERS\aswFsBlk.sys - aswFsBlk (aswFsBlk) .(.ALWIL Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWMON2.sys - (.not file.) - avast! Standard Shield Support (aswMon2) .(...) - LEGACY_ASWMON2 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe - avast! iAVS4 Control Service (aswUpdSv) .(.ALWIL Software - avast! Antivirus updating service.) - LEGACY_ASWUPDSV O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - LEGACY_ATI_HOTKEY_POLLER O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\ashServ.exe - avast! Antivirus (avast! Antivirus) .(.ALWIL Software - avast! antivirus service.) - LEGACY_AVAST!_ANTIVIRUS O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe - avast! Mail Scanner (avast! Mail Scanner) .(.ALWIL Software - avast! e-Mail Scanner Service.) 
- LEGACY_AVAST!_MAIL_SCANNER O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe - avast! Web Scanner (avast! Web Scanner) .(.ALWIL Software - avast! Web Scanner.) - LEGACY_AVAST!_WEB_SCANNER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32 O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) 
- LEGACY_DMBOOT O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - C:\WINDOWS\system32\fxssvc.exe - Fax (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0 O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) 
- LEGACY_GPC O64 - Services: CurCS - C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.sys - GTNDIS5 NDIS Protocol Driver (GTNDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_GTNDIS5 O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - Windows CardSpace (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) 
- LEGACY_IPNAT O64 - Services: CurCS - C:\Program Files\iPod\bin\iPodService.exe - iPod Service (iPodService) .(.Apple Computer, Inc. - iPodService Module.) - LEGACY_IPODSERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - C:\WINDOWS\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) 
- LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_NLA O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM O64 - Services: CurCS - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver (PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5 O64 - Services: CurCS - (.not file.) - Pml Driver HPZ12 (Pml Driver HPZ12) .(...) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113 O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) 
- LEGACY_RDPCDD O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Répondeur de découverte de topologie de la couche de liaison (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - C:\WINDOWS\system32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(...) - LEGACY_SERIAL O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_SHELLHWDETECTION O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - C:\Windows\System32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(...) - LEGACY_SYMIDSCO O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_THEMES O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS O64 - Services: CurCS - C:\WINDOWS\system32\wdfmgr.exe - Windows User Mode Driver Framework (UMWdf) .(.Microsoft Corporation - Windows User Mode Driver Manager.) - LEGACY_UMWDF O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_WSCSVC O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC ---\\ Liste des fichiers non signés (O65) O65 - LUF:09/01/2004 (.Pas de propriétaire - ActiveSkin Module.) (4, 2, 7, 3) - c:\windows\system32\actskin4.ocx O65 - LUF:31/01/2000 (.Pas de propriétaire - .) (1.0.0.0) - c:\windows\system32\bcbsmp50.bpl O65 - LUF:20/03/2002 (.Pas de propriétaire - HpReg Module.) (1, 0, 0, 2) - c:\windows\system32\hpreg.dll O65 - LUF:14/04/2000 (.Pas de propriétaire - LEADTOOLS FlashPix library.) (V1.1.FC1) - c:\windows\system32\Lffpx7.dll O65 - LUF:24/01/2001 (.Pas de propriétaire - prntfix Application.) (1.50) - c:\windows\system32\prntfix.exe O65 - LUF:15/08/2006 (.Pas de propriétaire - UpdateDriver Application.) (1, 0, 0, 3) - c:\windows\system32\UpdateDriver.exe O65 - LUF:30/04/2004 (. - .) (3.47.0.0 built by: WinDDK) - c:\windows\system32\drivers\a347bus.sys O65 - LUF:30/04/2004 (. - .) (3.47.0.0 built by: WinDDK) - c:\windows\system32\drivers\a347scsi.sys ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {42F3EC86-6C72-4CF4-8D9E-0D0584E7A57A} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google ---\\ Internet Feature Controls (O81) O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 20/07/2009 719392 | C:\Program Files\a-squared Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files\a-squared Anti-Malware\a2service.exe SR - | Auto 24/11/2009 18752 | (aswUpdSv) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe SR - | Auto 06/04/2005 364544 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SR - | Auto 24/11/2009 138680 | (avast! Antivirus) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe SR - | Demand 24/11/2009 254040 | (avast! Mail Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe SR - | Demand 24/11/2009 352920 | (avast! Web Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 06/01/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 24/03/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) 
- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 13/10/2004 327680 | (iPodService) . (.Apple Computer, Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 25/07/2009 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover
Run by HP_Propriétaire at 07/03/2011 10:17:19
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84AF4008]<<
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x84CB5030]
3 CLASSPNP[0xF763CFD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\00000065[0x84D902C8]
5 ACPI[0xF748A620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-3[0x84D33D98]
\Driver\atapi[0x84D90620] -> IRP_MJ_CREATE -> 0x84AF4008
kernel: MBR read successfully
detected hooks:
\Driver\atapi -> 0x84af4008
user & kernel MBR OK
Warning: possible MBR rootkit infection !
Use "ZHPFix" command "MBRFix" to clear infection !

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by HP_Propriétaire at 07/03/2011 10:17:20
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin

End of the scan (1655 lines in 17mn 17s)(0)
  14. Hello Bernard, As agreed, here is the report produced by OTLE's "runfix":

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\xgtnbjle deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt deleted successfully.
Registry value HKEY_USERS\HP_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{08C06D61-F1F3-4799-86F8-BE1A89362C85} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\ deleted successfully.
Registry value HKEY_USERS\HP_Propriétaire_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}\ deleted successfully.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32C2EEAF-79B6-0261-3C86-5B83C0688136}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32C2EEAF-79B6-0261-3C86-5B83C0688136}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F4693CD-2B4D-42BD-B512-D2AB0F74D30C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F4693CD-2B4D-42BD-B512-D2AB0F74D30C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5DE50A7B-9B62-DDBE-1BA3-C385294E418F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DE50A7B-9B62-DDBE-1BA3-C385294E418F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
File C:\Program Files\QuickTime\qttask .exe not found.
C:\Documents and Settings\HP_Propriétaire\Application Data\A2919433905566FFA489B5F314DA0CD2 folder moved successfully.
C:\Documents and Settings\HP_Propriétaire\RavMonLog moved successfully.
========== FILES ==========
C:\Program Files\QuickTime\Plugins folder moved successfully.
C:\Program Files\QuickTime folder moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At25.job moved successfully.
C:\WINDOWS\tasks\At26.job moved successfully.
C:\WINDOWS\tasks\At27.job moved successfully.
C:\WINDOWS\tasks\At28.job moved successfully.
C:\WINDOWS\tasks\At29.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
C:\WINDOWS\tasks\Google Software Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\System32\roboot.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrateur.PICASSO
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 64418057 bytes
->Flash cache emptied: 1561 bytes

User: All Users

User: Default User
->Temp folder emptied: 18090 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41 bytes

User: HP_Propriétaire
->Temp folder emptied: 365790 bytes
->Temporary Internet Files folder emptied: 6807568 bytes
->Java cache emptied: 47218468 bytes
->FireFox cache emptied: 13430703 bytes
->Flash cache emptied: 1923025 bytes

User: LocalService
->Temp folder emptied: 66083 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 2348 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19593 bytes
%systemroot%\System32 .tmp files removed: 285184 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1375825 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

Total Files Cleaned = 130.00 mb

OTLPE by OldTimer - Version 3.1.45.0 log created on 03062011_142607

Thanks again in advance for your valuable help!
  15. OTL logfile created on: 3/5/2011 9:58:12 PM - Run OTLPE by OldTimer - Version 3.1.45.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 446.00 Mb Total Physical Memory | 220.00 Mb Available Physical Memory | 49.00% Memory free 366.00 Mb Paging File | 267.00 Mb Available in Paging File | 73.00% Paging File free Paging file location(s): C:\pagefile.sys 672 1344 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 180.30 Gb Total Space | 114.59 Gb Free Space | 63.55% Space Free | Partition Type: NTFS Drive H: | 5.99 Gb Total Space | 1.50 Gb Free Space | 25.03% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - File not found [Auto] -- -- (xgtnbjle) SRV - File not found [On_Demand] -- -- (AppMgmt) SRV - [2009/11/24 17:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009/11/24 17:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009/11/24 17:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! 
Web Scanner) SRV - [2009/11/24 17:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009/07/20 17:29:06 | 000,719,392 | ---- | M] (Emsi Software GmbH) [Auto] -- C:\Program Files\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (intelppm) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | System] -- -- (Changer) DRV - File not found [Kernel | On_Demand] -- -- (catchme) DRV - [2011/03/01 03:46:37 | 000,136,192 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System] -- C:\WINDOWS\system32\drivers\ethtlmnb.sys -- (ethtlmnb) DRV - [2010/12/20 12:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2009/11/24 17:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2009/11/24 17:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009/11/24 17:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/24 17:49:07 | 000,048,560 | 
---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009/11/24 17:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009/11/24 17:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2009/08/24 07:22:58 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2007/10/01 21:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2005/12/12 11:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2) DRV - [2005/04/20 13:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005/04/05 23:58:48 | 001,035,776 | ---- | M] (ATI Technologies Inc.) 
000,073,390 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/11/23 16:25:00 | 000,292,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2004/11/23 16:21:24 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004/11/23 16:19:12 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2004/09/21 08:09:24 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ErrorHandler.dll [2004/08/05 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/05 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/05 07:00:00 | 001,659,648 | ---- | C] () -- C:\WINDOWS\System32\xrnfzdos.dat [2004/08/05 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/05 07:00:00 | 000,633,600 | ---- | C] () -- C:\WINDOWS\System32\jvtaifyv.dat [2004/08/05 07:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2004/08/05 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/05 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/05 07:00:00 | 000,152,320 | ---- | C] () -- C:\WINDOWS\System32\kscyizkr.dat [2004/08/05 07:00:00 | 000,151,808 | ---- | C] () -- C:\WINDOWS\System32\dsidxtvs.dat [2004/08/05 07:00:00 | 000,050,432 | ---- | C] () -- C:\WINDOWS\System32\zplvcoad.dat [2004/08/05 07:00:00 | 000,047,360 | ---- | C] () -- C:\WINDOWS\System32\omutqtlh.dat [2004/08/05 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/05 07:00:00 | 000,039,680 | ---- | C] () -- C:\WINDOWS\System32\koephrcn.dat [2004/08/05 07:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dimkwumf.dat [2004/08/05 07:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2004/08/05 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/05 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004/07/26 23:17:16 | 000,000,651 | ---- | C] () -- 
C:\WINDOWS\System32\oeminfo.ini [2004/03/22 09:15:48 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\MCS.dll [2003/11/10 05:31:16 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4Tools.dll [2003/11/10 05:30:56 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4System.dll [2003/11/10 05:30:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\Mpeg4DSF.dll [2003/11/07 15:04:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AMRDSF.dll [2003/11/07 15:04:34 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\AMR.dll [2003/04/10 16:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll [2001/08/24 00:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001/08/24 00:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/07/06 20:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [2001/05/23 22:39:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HPNVRRes.dll [2001/01/24 08:31:18 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\prntfix.exe [2000/04/14 10:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll [1998/06/11 08:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll ========== LOP Check ========== [2005/01/01 16:57:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SampleView [2005/01/01 16:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur.PICASSO\Application Data\SampleView [2011/02/25 18:49:09 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job [2011/02/25 22:05:07 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job [2011/02/25 23:05:16 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job [2011/02/26 00:05:20 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job [2011/02/26 01:05:25 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job [2011/02/26 02:05:17 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job [2011/02/26 
03:05:03 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job [2011/03/01 04:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job [2011/02/26 05:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job [2011/02/26 06:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job [2011/02/26 07:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job [2011/02/25 19:05:05 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job [2011/02/26 08:00:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job [2011/02/25 09:05:07 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job [2011/02/25 10:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job [2011/02/25 11:05:09 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job [2011/02/25 12:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job [2011/02/25 13:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job [2011/02/25 14:05:17 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job [2011/02/25 15:05:05 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job [2011/02/25 16:05:05 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job [2011/02/25 17:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job [2011/02/25 20:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job [2011/02/09 10:19:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job [2011/02/08 10:19:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job [2011/02/07 10:19:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job [2011/02/15 10:19:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job [2011/02/25 21:05:06 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job ========== Purity Check ========== ========== Custom Scans ========== Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*. Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe Invalid Environment Variable: %APPDATA%\*. 
Invalid Environment Variable: %APPDATA%\*.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AEC.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:aec.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:aec.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:aec.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:aec.sys [2006/02/14 19:30:07 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=1EE7B434BA961EF845DE136224C30FEC -- C:\WINDOWS\$hf_mig$\KB900485\SP2QFE\aec.sys [2006/02/14 19:22:26 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=1EE7B434BA961EF845DE136224C30FEC -- C:\WINDOWS\$NtServicePackUninstall$\aec.sys [2004/08/03 23:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=841F385C6CFAF66B58FBD898722BB4F0 -- C:\WINDOWS\$NtUninstallKB900485$\aec.sys [2008/04/13 11:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\ServicePackFiles\i386\aec.sys [2008/04/13 11:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys < MD5 for: AGP440.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- 
C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ALG.EXE > [2004/08/05 13:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=2FE681D10C5FC343DBBC0610B8DD4D24 -- C:\WINDOWS\$NtServicePackUninstall$\alg.exe [2008/04/13 21:33:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=5E9A6658A2A69AE7EB195113B7A2E7A9 -- C:\WINDOWS\ServicePackFiles\i386\alg.exe [2008/04/13 21:33:53 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=5E9A6658A2A69AE7EB195113B7A2E7A9 -- C:\WINDOWS\system32\alg.exe < MD5 for: ATAPI.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/05 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys < MD5 for: CDROM.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:cdrom.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file 
-- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008/04/13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 13:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys < MD5 for: CSRSS.EXE > [2004/08/05 13:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=78C1F1278CF2C9B476504C572CB98E5E -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe [2008/04/13 21:33:59 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E0E8A531CFCE1C2E5D79F683282C10C3 -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe [2008/04/13 21:33:59 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E0E8A531CFCE1C2E5D79F683282C10C3 -- C:\WINDOWS\system32\csrss.exe < MD5 for: CTFMON.EXE > [2004/08/05 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5584247B568C2E53934873F4B655FE6A -- C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe [2008/04/13 21:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe [2008/04/13 21:33:59 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=59DC5BB82E4C8E0B3EADCFDBC44BA6E4 -- C:\WINDOWS\system32\ctfmon.exe < MD5 for: DISK.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) 
MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2004/08/05 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/13 21:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2004/08/05 13:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007/06/13 08:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2007/06/13 08:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: I8042PRT.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:i8042prt.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:i8042prt.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- 
C:\WINDOWS\I386\sp2.cab:i8042prt.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:i8042prt.sys [2008/04/13 21:00:52 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys [2008/04/13 21:00:52 | 000,054,144 | ---- | M] (Microsoft Corporation) MD5=A09BDC4ED10E3B2E0EC27BB94AF32516 -- C:\WINDOWS\system32\drivers\i8042prt.sys [2004/08/03 18:41:24 | 000,054,400 | ---- | M] (Microsoft Corporation) MD5=D1EFCBD693B5BA21314D06368C471070 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys [2004/08/03 17:41:24 | 000,054,400 | ---- | M] (Microsoft Corporation) MD5=D1EFCBD693B5BA21314D06368C471070 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\i8042prt.sys < MD5 for: IMAPI.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:imapi.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:imapi.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:imapi.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:imapi.sys [2008/04/13 13:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\ServicePackFiles\i386\imapi.sys [2008/04/13 13:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) MD5=083A052659F5310DD8B6A6CB05EDCF8E -- C:\WINDOWS\system32\drivers\imapi.sys [2004/08/05 13:00:00 | 000,041,856 | ---- | M] (Microsoft Corporation) MD5=F8AA320C6A0409C0380E5D8A99D76EC6 -- C:\WINDOWS\$NtServicePackUninstall$\imapi.sys < MD5 for: INTELIDE.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:intelide.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:intelide.sys [2004/08/05 07:00:00 | 
018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:intelide.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:intelide.sys [2004/08/04 01:43:40 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=1367812F8A974E0C13A4888FA5E7EDE6 -- C:\WINDOWS\$NtServicePackUninstall$\intelide.sys [2004/08/04 01:43:40 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=1367812F8A974E0C13A4888FA5E7EDE6 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\intelide.sys [2008/04/13 21:03:25 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=4B6DA2F0A4095857A9E3F3697399D575 -- C:\WINDOWS\ServicePackFiles\i386\intelide.sys [2008/04/13 21:03:25 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=4B6DA2F0A4095857A9E3F3697399D575 -- C:\WINDOWS\system32\drivers\intelide.sys < MD5 for: MOUNTMGR.SYS > [2004/08/05 13:00:00 | 000,042,240 | ---- | M] (Microsoft Corporation) MD5=65653F3B4477F3C63E68A9659F85EE2E -- C:\WINDOWS\$NtServicePackUninstall$\mountmgr.sys [2008/04/13 13:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys [2008/04/13 13:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys < MD5 for: MRXSMB.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:mrxsmb.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:mrxsmb.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:mrxsmb.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:mrxsmb.sys [2006/05/05 04:41:45 | 000,453,120 | ---- | M] (Microsoft Corporation) MD5=025AF03CE51645C62F3B6907A7E2BE5E -- C:\WINDOWS\$NtUninstallKB957097_0$\mrxsmb.sys [2004/08/05 13:00:00 | 000,451,456 | ---- 
| M] (Microsoft Corporation) MD5=1FD607FC67F7F7C633C3DA65BFC53D18 -- C:\WINDOWS\$NtUninstallKB885250$\mrxsmb.sys [2009/12/04 13:22:22 | 000,455,424 | ---- | M] (Microsoft Corporation) MD5=421F7B922CEC5A5F340E7574A98F7B7C -- C:\WINDOWS\$NtUninstallKB980232$\mrxsmb.sys [2005/01/19 06:26:52 | 000,451,584 | ---- | M] (Microsoft Corporation) MD5=5DDC9A1B2EB5A4BF010CE8C019A18C1F -- C:\WINDOWS\$NtUninstallKB914389$\mrxsmb.sys [2009/12/04 12:25:56 | 000,456,832 | ---- | M] (Microsoft Corporation) MD5=602549D1E8A622E5746991F6C56B21CA -- C:\WINDOWS\$hf_mig$\KB978251\SP3QFE\mrxsmb.sys [2008/10/24 06:21:09 | 000,455,296 | ---- | M] (Microsoft Corporation) MD5=60AE98742484E7AB80C3C1450E708148 -- C:\WINDOWS\$hf_mig$\KB957097\SP3GDR\mrxsmb.sys [2008/10/24 06:21:09 | 000,455,296 | ---- | M] (Microsoft Corporation) MD5=60AE98742484E7AB80C3C1450E708148 -- C:\WINDOWS\$NtUninstallKB978251$\mrxsmb.sys [2008/04/13 14:17:01 | 000,456,576 | ---- | M] (Microsoft Corporation) MD5=68755F0FF16070178B54674FE5B847B0 -- C:\WINDOWS\$NtUninstallKB957097$\mrxsmb.sys [2008/04/13 14:17:01 | 000,456,576 | ---- | M] (Microsoft Corporation) MD5=68755F0FF16070178B54674FE5B847B0 -- C:\WINDOWS\ServicePackFiles\i386\mrxsmb.sys [2008/10/24 06:10:42 | 000,453,632 | ---- | M] (Microsoft Corporation) MD5=6F2D483B97B395544E59749C47963C6A -- C:\WINDOWS\$NtServicePackUninstall$\mrxsmb.sys [2008/10/24 06:41:11 | 000,455,936 | ---- | M] (Microsoft Corporation) MD5=7170AB42B51954DEF2781A4D1CCE65F4 -- C:\WINDOWS\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys [2006/05/05 05:16:39 | 000,454,400 | ---- | M] (Microsoft Corporation) MD5=7412CE77C6FD823F8889B4DF420C680B -- C:\WINDOWS\$hf_mig$\KB914389\SP2QFE\mrxsmb.sys [2005/01/19 05:51:57 | 000,451,584 | ---- | M] (Microsoft Corporation) MD5=7B195060FF456FA65954C72C5C1640FF -- C:\WINDOWS\$hf_mig$\KB885250\SP2QFE\mrxsmb.sys [2004/10/28 03:15:16 | 000,448,128 | ---- | M] (Microsoft Corporation) MD5=A1BE3CB080DCC0A8270D21E3CA3B7005 -- C:\WINDOWS\$hf_mig$\KB885835\SP2QFE\mrxsmb.sys 
[2008/10/24 06:25:29 | 000,455,936 | ---- | M] (Microsoft Corporation) MD5=D07DA410091143336DAE419A921AAE2B -- C:\WINDOWS\$hf_mig$\KB957097\SP2QFE\mrxsmb.sys [2010/02/24 06:57:57 | 000,457,216 | ---- | M] (Microsoft Corporation) MD5=D09B9F0B9960DD41E73127B7814C115F -- C:\WINDOWS\$hf_mig$\KB980232\SP3QFE\mrxsmb.sys [2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\Driver Cache\i386\mrxsmb.sys [2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\system32\dllcache\mrxsmb.sys [2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=F3AEFB11ABC521122B67095044169E98 -- C:\WINDOWS\system32\drivers\mrxsmb.sys < MD5 for: NDIS.SYS > [2008/04/13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 14:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys < MD5 for: NETLOGON.DLL > [2008/04/13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/13 21:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2004/08/05 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: RASACD.SYS > [2004/08/05 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys [2004/08/05 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) 
MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys < MD5 for: RDPCDD.SYS > [2004/08/05 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\dllcache\rdpcdd.sys [2004/08/05 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=4912D5B403614CE99C28420F75353332 -- C:\WINDOWS\system32\drivers\rdpcdd.sys < MD5 for: REDBOOK.SYS > [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:redbook.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:redbook.sys [2004/08/05 07:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:redbook.sys [2009/04/11 09:25:00 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:redbook.sys [2004/08/04 01:39:44 | 000,058,496 | ---- | M] (Microsoft Corporation) MD5=2CC30B68DD62B73D444A41322CD7FC4C -- C:\WINDOWS\$NtServicePackUninstall$\redbook.sys [2008/04/13 20:57:34 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\ServicePackFiles\i386\redbook.sys [2008/04/13 20:57:34 | 000,058,752 | ---- | M] (Microsoft Corporation) MD5=D8EB2A7904DB6C916EB5361878DDCBAE -- C:\WINDOWS\system32\drivers\redbook.sys < MD5 for: SCECLI.DLL > [2008/04/13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/13 21:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [2004/08/05 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: SERVICES.EXE > [2008/04/13 21:34:20 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\$NtUninstallKB956572$\services.exe 
[2008/04/13 21:34:20 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\ServicePackFiles\i386\services.exe [2009/02/09 06:16:53 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=62789101F9C2401ED598AA2CDE7450C0 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe [2004/08/05 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=732E0B1ABAACE15D80EC19056B0A2AF9 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe [2009/02/09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\dllcache\services.exe [2009/02/09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\system32\services.exe < MD5 for: SMSS.EXE > [2008/04/13 21:34:22 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=48E430297DA757F5CC2793CCFACAD5E7 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe [2008/04/13 21:34:22 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=48E430297DA757F5CC2793CCFACAD5E7 -- C:\WINDOWS\system32\smss.exe [2004/08/05 07:00:00 | 000,512,512 | ---- | M] (Microsoft Corporation) MD5=4AB4DB9D2CB393E2095330D668FFD5A9 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE [2004/08/05 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=B4C08D31E8C2EA9D76F892052A6FCAEB -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe [2004/08/05 07:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=B85EF28D9347CCAECB9F9C3391B68131 -- C:\cmdcons\system32\smss.exe < MD5 for: SPOOLSV.EXE > [2010/08/17 08:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe [2008/04/13 21:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe [2008/04/13 21:34:23 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=460E4CE148BD07218DA0B6A3D31885A9 -- 
C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe [2010/08/17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe [2010/08/17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe [2004/08/05 13:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=B4EF928E4FAD79364A80ACBA6D999934 -- C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe [2005/06/10 18:53:32 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=DA81EC57ACD4CDC3D4C51CF3D409AF9F -- C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe < MD5 for: SVCHOST.EXE > [2004/08/05 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe [2008/04/13 21:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe [2008/04/13 21:34:23 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe < MD5 for: TCPIP.SYS > [2006/04/20 06:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys [2008/06/20 05:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys [2006/01/13 12:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys [2006/01/12 21:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [2005/05/25 14:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys [2007/10/30 11:53:32 | 000,360,832 | ---- | M] (Microsoft 
  16. I'm at the "msconfig" step, but to be honest I didn't quite understand which file or files are to be deleted in the Startup tab? Thanks again in advance for your valuable insight!
  17. Hello Bernard53, A little late, first of all I'm posting the report from "roguekiller", which is as follows:

      RogueKiller V4.0.1 by Tigzy
      contact at Forum Sciences / Forum Informatique - Sur la Toile (SLT)
      mail: tigzyRK<at>gmail<dot>com
      Feedback: [RogueKiller] Remontées (1/9)
      Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
      Started in : Safe mode with network support
      User: HP_Propriétaire [Admin rights]
      Mode: Remove -- Time : 03/03/2011 20:49:08
      Bad processes: 0
      Registry Entries: 0
      HOSTS File:
      127.0.0.1 localhost
      Finished

      RogueKiller V4.0.1 by Tigzy
      contact at Forum Sciences / Forum Informatique - Sur la Toile (SLT)
      mail: tigzyRK<at>gmail<dot>com
      Feedback: [RogueKiller] Remontées (1/9)
      Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
      Started in : Safe mode with network support
      User: Administrateur [Admin rights]
      Mode: Remove -- Time : 03/03/2011 20:54:34
      Bad processes: 0
      Registry Entries: 0
      HOSTS File:
      127.0.0.1 localhost
      Finished

      May I move on to the rest of the process you described in your last post? Thanks again a thousand times in advance for your help and for the time you take to answer me!
  18. Big problem: After launching combofix (in Safe Mode with Networking), it seems to run fine up to the reboot needed to finish the process. So at that point I choose to restart in "classic" XP mode, and while Windows is starting up and I get a screen saying "Combofix is preparing the report", the rootkit-trojan makes my computer reboot. Of course, when it comes back on, there is no trace of combofix.txt since the process could not run to completion. In any case, my PC immediately starts rebooting, so I'm now back in Safe Mode with Networking. Would you have any further suggestions for fighting this infection, which appears to be particularly vicious and severe? Thanks again a thousand times in advance for your help and your patience!
  19. When the PC restarts after launching combofix, I have the choice between booting in "classic" Windows XP mode or in Recovery Console mode. Which of these two modes should I restart in? Thank you very much again for your valuable help!
  20. Hello everyone, My PC is apparently infested with trojans, worms and other backdoors that neither spybot nor Emsisoft's "emergency kit" manage to eradicate for good (each time I get the impression they come back to life, even though I do purge the temporary files and cookies). The main symptoms are a great overall slowness of the system and, from time to time, parasitic links that I'm sent to when I use the internet. More seriously, I recently noticed a series of continual reboots. Fortunately, I managed to restart in safe mode and to purge the bare minimum of crap again with spybot and the emergency kit. As I know it will come back if I do nothing more, I'm first going to send you the hijackthis log report in my next post. Thanks a thousand times in advance for your help and your insight!

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 14:21:43, on 01/03/2011
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Safe mode with network support
  21. Hi Lance, I removed combofix (as you indicate), installed the new version of java / uninstalled the old versions, and checked UAC as well as the latest Windows 7 updates, but this changes absolutely nothing about my problem. Thank you again in advance for your insight and your help. Regards
  22. Hello again Lance, My Windows is perfectly legal; that said, it's true that I haven't necessarily done all the updates. Thanks again in advance for your insight
  23. ComboFix 11-01-24.02 - Utilisateur 25/01/2011 13:43:16.1.2 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3999.2830 [GMT 1:00]
  24. 2011/01/25 13:38:49.0781 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
      2011/01/25 13:38:49.0781 ================================================================================
      2011/01/25 13:38:49.0781 SystemInfo:
      2011/01/25 13:38:49.0781
      2011/01/25 13:38:49.0781 OS Version: 6.1.7600 ServicePack: 0.0
      2011/01/25 13:38:49.0781 Product type: Workstation
      2011/01/25 13:38:49.0781 ComputerName: UTILISATEUR-PC
      2011/01/25 13:38:49.0796 UserName: Utilisateur
      2011/01/25 13:38:49.0796 Windows directory: C:\Windows
      2011/01/25 13:38:49.0796 System windows directory: C:\Windows
      2011/01/25 13:38:49.0796 Running under WOW64
      2011/01/25 13:38:49.0796 Processor architecture: Intel x64
      2011/01/25 13:38:49.0796 Number of processors: 2
      2011/01/25 13:38:49.0796 Page size: 0x1000
      2011/01/25 13:38:49.0796 Boot type: Normal boot
      2011/01/25 13:38:49.0796 ================================================================================
      2011/01/25 13:38:50.0140 Initialize success
      2011/01/25 13:39:01.0387 ================================================================================
      2011/01/25 13:39:01.0387 Scan started
      2011/01/25 13:39:01.0387 Mode: Manual;
      2011/01/25 13:39:01.0387 ================================================================================
      2011/01/25 13:39:13.0290 ================================================================================
      2011/01/25 13:39:13.0290 Scan finished
      2011/01/25 13:39:13.0290 ================================================================================