
Posted (edited)

Hello everyone, and a big well done to all the helpers on this nice site.

I'll still take the opportunity to introduce myself briefly before laying out my problem.

So almost all the information about me is in my username: the country I come from, my surname and my first name (in order in my username: ma_ for the country, "r" is the initial of my surname, and the rest is a short form of my first name, which means honour or respect in my language).

I discovered this site while trying to disinfect my 2 PCs (office and personal), which are both infected by the same virus from a USB key I plugged in.

I had wanted to post for a long time, but I only managed to register last week (whereas my PCs had been infected since last November), and I hope that this time I won't have a problem with the "send" button either (I have been trying to describe my problem on the forum since Thursday but it doesn't go through; the wait is too long and in the end I always land on Firefox's "connection reset" page).

Here is my problem: when I insert a USB key, an .exe folder is automatically created on the key with the PC's user name (e.g. User_Fichiers.exe), and the folders on the key are all duplicated under the same name. When I scan the PC (office and/or personal) with PCA sécurité, RAV and Avira (without the infected key), these programs tell me the PC is clean, and when I plug in the key and rescan, PCA sécurité and RAV tell me the key is infected.

I recently downloaded Malwarebytes (last week, when I managed to register :P ), installed it on my personal PC, ran a scan (with the infected key plugged into the PC), and it gave me a nice report saying there were about fifty infected files. I deleted them, again with Malwarebytes. I then reformatted my USB key. Just to check that everything was now back in order, I copied a few files and 2 or 3 folders from my HDD to my key and... surprise... the .exe extensions reappeared.

I just want to point out that, before I did these little operations, an IT technician comes every month to do maintenance on our computers, and he uses ComboFix to remove malware. He used this program on my personal PC too (that was in December, so on the infected PC). In conclusion, so far my 2 PCs are still infected, despite ComboFix removing the malware.

Here is the report Malwarebytes gave me after the 1st scan and the formatting of the key (this time I only scanned the key. This information is what Malwarebytes collected on the personal PC):

 

Malwarebytes' Anti-Malware 1.44

Version de la base de données: 3510

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

 

20/01/2010 22:40:10

mbam-log-2010-01-20 (22-40-10).txt

 

Type de recherche: Examen complet (O:\|)

Eléments examinés: 101564

Temps écoulé: 1 minute(s), 18 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 2

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\frameworkservice (Trojan.Delf) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\frameworkservice (Trojan.Delf) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Documents and Settings\User\Application Data\smss.exe (Trojan.Delf) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\Sexy Girls.scr (Trojan.Delf) -> Quarantined and deleted successfully.

C:\WINDOWS\inf\smss.exe (Trojan.Delf) -> Quarantined and deleted successfully.

 

A small remark: when the malware was removed with ComboFix, I noticed that it also deleted these three files, smss.exe, sexy girls.scr and svchost.exe, whereas a month later with Malwarebytes I find the same files again, but without svchost.exe this time. Another small detail: only the PC I use at the office is still connected, because I stopped the connection on the other PC once it was infected. So I do the updates manually.

Thanks in advance to everyone who will reply and help me solve this problem. Please excuse me in advance if I can't answer right away because, as I said above, I have a terrible time connecting to the Zebulon server. Every time I click send, the wait is so long that Firefox eventually always shows me the "connection reset" page, even though I can browse the site and move between forum topics without any problem.

I did a new Malwarebytes update yesterday on the PC I use at home and ran another scan last night. I forgot to make a copy of the report but I will post it here tomorrow... (happy to have finally been able to post after all this time... :P )

Edited by ma_rhaja
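
The symptom described in the post above (an executable named after the user in the key's root, plus an executable copy of every folder name) can be checked for with a short read-only script. This is an added example, not part of the original post; the function names and the sample tree are constructed for illustration, and the script only lists suspect files without deleting anything.

```python
import os
import tempfile

# Extensions Windows runs directly; .scr and .pif both appear in the posted reports.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com"}


def find_folder_lookalikes(root):
    """Return sorted (file, folder) pairs, relative to root, where an
    executable shares its base name with a directory sitting next to it."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Compare case-insensitively, as Windows file systems do.
        folders = {d.lower(): d for d in dirnames}
        for name in filenames:
            stem, ext = os.path.splitext(name)
            if ext.lower() not in EXECUTABLE_EXTS:
                continue
            twin = folders.get(stem.lower())
            if twin is not None:
                hits.append((
                    os.path.relpath(os.path.join(dirpath, name), root),
                    os.path.relpath(os.path.join(dirpath, twin), root),
                ))
    return sorted(hits)


def find_root_executables(root):
    """Return sorted names of executables placed directly in the drive root.
    On a key used only for documents, each of these deserves a look."""
    return sorted(
        entry.name
        for entry in os.scandir(root)
        if entry.is_file()
        and os.path.splitext(entry.name)[1].lower() in EXECUTABLE_EXTS
    )


def build_sample_key(base):
    """Create a constructed tree imitating the key described in the post.
    All files are empty placeholders."""
    for folder in ("Photos", os.path.join("Compta", "Bilan"), "Tools"):
        os.makedirs(os.path.join(base, folder))
    sample_files = (
        "Photos.exe",                          # imitates the Photos folder
        os.path.join("Compta", "Bilan.EXE"),   # nested lookalike, upper-case extension
        "User_Fichiers.exe",                   # name pattern quoted in the post
        "notes.txt",
        os.path.join("Photos", "holiday.jpg"),
        os.path.join("Tools", "setup.exe"),    # ordinary installer, not a lookalike
    )
    for rel in sample_files:
        open(os.path.join(base, rel), "wb").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as key:
        build_sample_key(key)
        print("Executables imitating a folder:")
        for exe, folder in find_folder_lookalikes(key):
            print(f"  {exe}  <->  {folder}{os.sep}")
        print("Executables in the drive root:")
        for name in find_root_executables(key):
            print(f"  {name}")
```

To check a real key, pass its drive root (for example the `O:\` scanned in the report) to both functions instead of the temporary directory.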

Posted

Hello,

More information about the full version of this tool.

Run this diagnostic tool:

Download ZhpDiag by Coolman

It requires no installation.

- It can be run from any disk drive.

- It can be run from a USB key.

Click the screwdriver

In the window that opens, tick everything.

Click the magnifying glass to start the scan

After a while, you will have to accept Sysinternal->I agree

Post the report that appears when you click the camera.

Posted

thank you very much for the quick reply, pear.

As I said, I found this site 2 months ago but was only able to complete my registration a week ago. I downloaded quite a few utilities here, notably ZHPDiag. I installed ZHPDiag on the 2 infected PCs (office and the one at home). When I run ZHPDiag on the office PC (permanently connected), it shows an error and cannot scan. However, last night, before running a scan with MBAM, I scanned the personal PC with ZHPDiag and it displayed a report.

So, to disinfect the one I use at the office, I can only give right away the scan report produced by MBAM, and for the one at home I will post tomorrow the ZHPDiag report as well as the first and last MBAM reports.

Here is the report (office PC)

 

 

Malwarebytes' Anti-Malware 1.44

Version de la base de données: 3510

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

 

25/01/2010 13:56:20

mbam-log-2010-01-25 (13-55-48)beau

 

Type de recherche: Examen complet (C:\|D:\|G:\|)

Eléments examinés: 188460

Temps écoulé: 24 minute(s), 47 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 2

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 4

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\frameworkservice (Trojan.Delf) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\frameworkservice (Trojan.Delf) -> No action taken.

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Documents and Settings\COMPTA 01\Application Data\smss.exe (Trojan.Delf) -> No action taken.

C:\Documents and Settings\COMPTA 01\Application Data\svchost.exe (Trojan.Delf) -> No action taken.

C:\WINDOWS\system32\Sexy Girls.scr (Trojan.Delf) -> No action taken.

C:\WINDOWS\inf\smss.exe (Trojan.Delf) -> No action taken.

 

er... :P I hope I've been a bit clearer

Posted

To avoid errors and misunderstandings, we will deal with the machines one after the other, the second once the first has been cleaned.

Posted

ok, agreed. So we start with the one at the office

Here is the ZHPDiag report

 

Rapport de ZHPDiag v1.25.03 par Nicolas Coolman

Run by COMPTA 01 at 26/01/2010 13:35:35

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Platform : Microsoft Windows XP (5.1.2600) Service Pack 2

MSIE: Internet Explorer v6.0.2900.2180

MFIE: Mozilla Firefox (3.5.7)

 

Boot mode: Normal (Normal boot)

Total RAM: 447 MB (34% free)

System drive C: has 11 GB (54%) free of 20 GB

 

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 20 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 22 Go of 55 Go)

E:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Inserted)

H:\ CD-ROM drive (Not Inserted)

 

---\\ Processus lancés

[MD5.3E4C03CEFAD8DE135263236B61A49C90] - (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

[MD5.56B9FDDB02F46B33BCA915B61FEB3507] - (.Zbshareware Lab - Antivirus software.) -- C:\Program Files\USB Disk Security\USBGuard.exe

[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

[MD5.B8DA797CEA896C42F5BAD9E08E21AF9F] - (.SFX TEAM - SuperCopier 2 (explorer file copy replacement).) -- C:\Program Files\SuperCopier2\SuperCopier2.exe

[MD5.E645D94B960913DC9B587DEEEE045BFE] - (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

[MD5.DB04E015B51AE5F931F2FAD45DB0AA9E] - (.Speedbit Ltd. - Speedbit Video Accelerator .) -- C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe

[MD5.0DB55A06A2CCBC1A6FE272A091E1D87C] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe

[MD5.31AFABDB5E9560E014B14EA8EC1F3635] - (.BitTorrent, Inc. - µTorrent.) -- D:\tor\uTorrent.exe

[MD5.64E41E8FEE655B03E3F19DED21BA5118] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE

[MD5.2979B03D5382A602623C0535B16AB9C0] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\system32\svchost.exe

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

[MD5.63DCDE1A0D86EEB8924D6738FF616EAD] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe

[MD5.39133291CB607BDD87CFC565A4A1E7A5] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe

[MD5.259AF82A0932EEA4F316F92DB94707B6] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe

[MD5.DF9FC62AD51CB082B0AE371919A232CB] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe

[MD5.AA21CF891D0D8248ECA1E9BA201ACBEF] - (.Crawler.com - Spyware Terminator Realtime Shield Service.) -- C:\Program Files\Spyware Terminator\sp_rsser.exe

[MD5.433C9B42059E692C06ADA5AEAE4D4E5F] - (.Speedbit Ltd. - VideoAcceleratorEngine.) -- C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)) -- C:\WINDOWS\System32\shdocvw.dll

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SPEEDBIT1 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: SpeedBit - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [uSB Antivirus] . (.Zbshareware Lab - Antivirus software.) -- C:\Program Files\USB Disk Security\USBGuard.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe

O4 - HKCU\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Crawler Spyware Terminator.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKCU\..\Run: [speedBitVideoAccelerator] . (.Speedbit Ltd. - Speedbit Video Accelerator .) -- C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe

O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe

O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- D:\tor\uTorrent.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.EXE

O4 - Global Startup: Fenêtre d'état de Canon PC1200 iC D600 iR1200G.LNK . (.CANON INC. - CAPM1 PSW Launcher.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM1LAK.EXE

O4 - Global Startup: Dos Optimizer.pif . (.Pas de propriétaire - Pas de description.) -- C:\Documents And Settings\COMPTA 01\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif

O4 - Global Startup: Yahoo! Widgets.lnk . (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Convertir en Adobe PDF - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir en un fichier PDF existant - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - (No file) - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE

O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - (No file) - C:\Program Files\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: Télécharger avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetAll.htm

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (No file) - C:\Program Files\Messenger\msmsgs.exe,302

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - (No file) - file://C:\WINDOWS\Java\classes\xmldso.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - (No file) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{403D8A9A-07D0-4DB1-B303-8FC4F04EED07}: NameServer = 193.251.141.253,80.15.245.3

O17 - HKLM\System\CS1\Services\Tcpip\..\{403D8A9A-07D0-4DB1-B303-8FC4F04EED07}: NameServer = 193.251.141.253,80.15.245.3

O17 - HKLM\System\CS2\Services\Tcpip\..\{403D8A9A-07D0-4DB1-B303-8FC4F04EED07}: NameServer = 193.251.141.253,80.15.245.3

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\System32\msvidctl.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL

O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll

O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\SHELL32.dll

O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.Adobe Systems, Inc. - 3D Capture.) -- C:\WINDOWS\system32\acaptuser32.dll

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Pas de propriétaire - Pas de description.) -- %SystemRoot%\System32\browseui.dll

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Spouleur d'impression (Spooler) . (.Microsoft Corporation.) - C:\WINDOWS\system32\spoolsv.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: VideoAcceleratorService (VideoAcceleratorService) . (.Speedbit Ltd..) - C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PandaUSBVaccine.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SpeedOptimizer Startup.job

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe

O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- Run

O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe

O40 - ASIC: Installation Support - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)

O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)

O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll

O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll

O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\System32\danim.dll

O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll

O40 - ASIC: Installation Support - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O40 - ASIC: Installation Support - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)

O40 - ASIC: Personnalisation du navigateur - {3AD78135-0D6D-7BDB-B9E6-E2224AB88D61} - (not file)

O40 - ASIC: Logiciel de navigation hors connexion - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)

O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- advpack.dll

O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)

O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)

O40 - ASIC: Aide sur Internet Explorer - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)

O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- advpack.dll

O40 - ASIC: Outils d'installation Internet Explorer - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- advpack.dll

O40 - ASIC: Accès au site MSN - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)

O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)

O40 - ASIC: Web Folders - {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - (not file)

O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe

O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll

O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll

O40 - ASIC: Liaison de données Dynamic HTML - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)

O40 - ASIC: Polices de base Internet Explorer - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)

O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx

O40 - ASIC: Aide HTML - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {EA9C0330-1337-43DE-8A47-02F0C2D5E5F2} - (not file)

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\System32\drivers\afd.sys

O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys

O41 - Driver: Pilote de CD-ROM (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys

O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys

O41 - Driver: Pilote de filtre de gravure CD (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys

O41 - Driver: InCDPass (InCDPass) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\InCDPass.sys

O41 - Driver: InCD Reader (InCDRm) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\InCDRm.sys

O41 - Driver: Pilote de processeur Intel (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys

O41 - Driver: Pilote IPSEC (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys

O41 - Driver: Pilote de la classe Clavier (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys

O41 - Driver: Pilote de la classe Souris (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys

O41 - Driver: MRXSMB (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys

O41 - Driver: Interface NetBIOS (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys

O41 - Driver: NetBIOS sur TCP/IP (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys

O41 - Driver: Pilote processeur (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys

O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys

O41 - Driver: Rdbss (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys

O41 - Driver: (no object) (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys

O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys

O41 - Driver: Pilote de port série (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys

O41 - Driver: Spyware Terminator Driver 2 (sp_rsdrv2) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\drivers\sp_rsdrv2.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

O41 - Driver: Pilote du protocole TCP/IP (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys

O41 - Driver: Pilote du protocole IPv6 Microsoft (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\system32\DRIVERS\tcpip6.sys

O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\System32\drivers\vga.sys

O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\System32\drivers\ws2ifsl.sys

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.)

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..)

O42 - Logiciel: Adobe Acrobat 3D 7.1.0 - (.Adobe Systems.)

O42 - Logiciel: Adobe Anchor Service CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Bridge CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe CMaps CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe CSI CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Default Language CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Device Central CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe ExtendScript Toolkit CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Extension Manager CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Output Module - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe PDF Library Files CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..)

O42 - Logiciel: Adobe Search for Help - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Service Manager Extension - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Type Support CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Update Manager CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe XMP Panels CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: Advanced File Lock - (.Blue Lakes Technology.)

O42 - Logiciel: Aspell French Dictionary-0.50-3 - (.GNU.)

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.)

O42 - Logiciel: Avira UnErase Personal - (.Pas de propriétaire.)

O42 - Logiciel: Bibliothèques GTK+ 2.14.7 rev a (supprimer uniquement) - (.Pas de propriétaire.)

O42 - Logiciel: CCleaner (remove only) - (.Piriform.)

O42 - Logiciel: CDisplay 1.8.5.2 - (.trad-fr.com.)

O42 - Logiciel: Canon PC1200/iC D600/iR1200G - (.Pas de propriétaire.)

O42 - Logiciel: Ciel Serveur - (.Pas de propriétaire.)

O42 - Logiciel: Comptabilité - (.Sage.)

O42 - Logiciel: Connect - (.Adobe Systems Incorporated.)

O42 - Logiciel: FTP Expert 3 - (.Pas de propriétaire.)

O42 - Logiciel: GNU Aspell 0.50-3 - (.GNU.)

O42 - Logiciel: Google Talk (remove only) - (.Pas de propriétaire.)

O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.)

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..)

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.)

O42 - Logiciel: MediaCoder 0.7.2.4580 - (.Broad Intelligence.)

O42 - Logiciel: MediaInfo 0.7.25 - (.MediaArea.net.)

O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.)

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Mozilla Firefox (3.5.7) - (.Mozilla.)

O42 - Logiciel: Mozilla Thunderbird (2.0.0.23) - (.Mozilla.)

O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.)

O42 - Logiciel: NoteWorthy Composer 2 Viewer - (.NoteWorthy Software, Inc..)

O42 - Logiciel: Notepad++ - (.Pas de propriétaire.)

O42 - Logiciel: PDF Password Remover v3.0 - (.VeryPDF.com Inc.)

O42 - Logiciel: Panda ActiveScan 2.0 - (.Panda Security.)

O42 - Logiciel: Panda USB Vaccine 1.0.1.4 - (.Panda Security.)

O42 - Logiciel: Photoshop Camera Raw - (.Adobe Systems Incorporated.)

O42 - Logiciel: Pidgin - (.Pas de propriétaire.)

O42 - Logiciel: PowerISO - (.Pas de propriétaire.)

O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..)

O42 - Logiciel: SpeedBit Toolbar - (.SpeedBit Ltd..)

O42 - Logiciel: SpeedBit Video Accelerator - (.SpeedBit Ltd..)

O42 - Logiciel: SpeedOptimizer - (.SpeedBit Ltd..)

O42 - Logiciel: Spyware Terminator - (.Crawler Inc..)

O42 - Logiciel: Suite Shared Configuration CS4 - (.Adobe Systems Incorporated.)

O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.)

O42 - Logiciel: TeamSpeak 2 RC2 - (.Dominating Bytes Design.)

O42 - Logiciel: USB Disk Security 5.1.0.15 - (.zbshareware, Inc..)

O42 - Logiciel: Unlocker 1.8.7 - (.Cedrick Collomb.)

O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.)

O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).)

O42 - Logiciel: WinZip 12.0 - (.WinZip Computing, S.L. .)

O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.)

O42 - Logiciel: Windows XP Service Pack 2 - (.Microsoft Corporation.)

O42 - Logiciel: Yahoo! Widgets - (.Yahoo! Inc..)

O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.)

O42 - Logiciel: eMule - (.Pas de propriétaire.)

O42 - Logiciel: kuler - (.Adobe Systems Incorporated.)

O42 - Logiciel: µTorrent - (.Pas de propriétaire.)

 

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\7-Zip

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Aspell

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\AvRack

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\CIEL

O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications

O43 - CFD:Common File Directory ----D- C:\Program Files\DAP

O43 - CFD:Common File Directory ----D- C:\Program Files\ESET

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Download Manager

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Maestria

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\MediaCoder

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\Notepad++

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security

O43 - CFD:Common File Directory ----D- C:\Program Files\Panda USB Vaccine

O43 - CFD:Common File Directory ----D- C:\Program Files\Pidgin

O43 - CFD:Common File Directory ----D- C:\Program Files\PowerISO

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek AC97

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek Sound Manager

O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne

O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedBit Toolbar

O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedBit Video Accelerator

O43 - CFD:Common File Directory ----D- C:\Program Files\SpeedOptimizer

O43 - CFD:Common File Directory ----D- C:\Program Files\Spyware Terminator

O43 - CFD:Common File Directory ----D- C:\Program Files\SuperCopier2

O43 - CFD:Common File Directory ----D- C:\Program Files\Teamspeak2_RC2

O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker

O43 - CFD:Common File Directory ----D- C:\Program Files\USB Disk Security

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Visicom Media

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!

O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe AIR

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\GTK

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Macrovision Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SAGE

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.CF9B00B095015824262AB19D74EABEE4] - 26/01/2010 - 11:01:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini

O44 - LFC:[MD5.00000000000000000000000000000000] - 26/01/2010 - 08:27:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/01/2010 - 08:21:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 26/01/2010 - 08:20:59 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat

O44 - LFC:[MD5.00000000000000000000000000000000] - 25/01/2010 - 17:06:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt

O44 - LFC:[MD5.BF95ADBB06B6D584247095663A9882D3] - 25/01/2010 - 14:21:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET

O44 - LFC:[MD5.411D82E871CE066FAE6AAEF7476AE160] - 25/01/2010 - 11:58:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ie8_main.log

O44 - LFC:[MD5.41B641D8D70BBC86FAA89EDA017A0068] - 25/01/2010 - 08:11:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl

O44 - LFC:[MD5.0C9A92D3FBE677CA532DAA561A163602] - 20/01/2010 - 17:18:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\CielVideo.ini

O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 19/01/2010 - 08:40:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini

O44 - LFC:[MD5.1E28E85C0C3C2C6A6AC15B6E4C2B2406] - 12/01/2010 - 10:31:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT

O44 - LFC:[MD5.8CEECDADC9B14DEC73B512CF62A360F9] - 12/01/2010 - 10:17:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\d3d9caps.dat

O44 - LFC:[MD5.72D3C3B9B24EABBA930B778F2DDE0B83] - 12/01/2010 - 10:13:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\DirectX.log

O44 - LFC:[MD5.DD38E505F7FDC34C4EA6F8FEFFDDAA1E] - 12/01/2010 - 10:13:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log

O44 - LFC:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

O44 - LFC:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys

 

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 14/01/2010 - 10:43:50 ---A- C:\WINDOWS\Prefetch\7ZG.EXE-04CCF0C9.pf

O45 - LFCP:Last File Created Prefetch 14/01/2010 - 14:29:47 ---A- C:\WINDOWS\Prefetch\MSACCESS.EXE-175F0AD1.pf

O45 - LFCP:Last File Created Prefetch 14/01/2010 - 14:47:59 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEF9C.pf

O45 - LFCP:Last File Created Prefetch 14/01/2010 - 15:13:05 ---A- C:\WINDOWS\Prefetch\NWC2VIEW.EXE-3257FFC5.pf

O45 - LFCP:Last File Created Prefetch 14/01/2010 - 17:08:21 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4BF01A28.pf

O45 - LFCP:Last File Created Prefetch 14/01/2010 - 17:08:43 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-411586B0.pf

O45 - LFCP:Last File Created Prefetch 15/01/2010 - 12:08:31 ---A- C:\WINDOWS\Prefetch\GOOGLETALK.EXE-17DCCC56.pf

O45 - LFCP:Last File Created Prefetch 15/01/2010 - 17:04:59 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3C590097.pf

O45 - LFCP:Last File Created Prefetch 15/01/2010 - 17:05:05 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FC09234.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 08:20:36 ---A- C:\WINDOWS\Prefetch\SPYWARETERMINATORUPDATE.EXE-223FCAC3.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 08:20:36 ---A- C:\WINDOWS\Prefetch\SUPERCOPIER2.EXE-05742BB9.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 08:20:36 ---A- C:\WINDOWS\Prefetch\VIDEOACCELERATOR.EXE-2A9A2DEF.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 08:25:44 ---A- C:\WINDOWS\Prefetch\DW20.EXE-0F7C73AD.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 11:39:56 ---A- C:\WINDOWS\Prefetch\ADOBELM_CLEANUP.0001-36AA6DF6.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 11:39:57 ---A- C:\WINDOWS\Prefetch\ADOBELMSVC.EXE-004A961E.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 11:54:52 ---A- C:\WINDOWS\Prefetch\ACROBAT.EXE-3A2333BF.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 15:27:54 ---A- C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 16:49:36 ---A- C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf

O45 - LFCP:Last File Created Prefetch 19/01/2010 - 17:07:05 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-25D59BB5.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 12:31:17 ---A- C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 12:51:25 ---A- C:\WINDOWS\Prefetch\CDISPLAY.EXE-1113476A.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 16:19:16 ---A- C:\WINDOWS\Prefetch\MBAM-SETUP.EXE-0DFCD841.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 16:19:17 ---A- C:\WINDOWS\Prefetch\MBAM-SETUP.TMP-3700695F.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 16:19:43 ---A- C:\WINDOWS\Prefetch\MBAMGUI.EXE-1286D63B.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 16:19:46 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf

O45 - LFCP:Last File Created Prefetch 20/01/2010 - 17:18:27 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-37B1051A.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 12:32:05 ---A- C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 14:50:39 ---A- C:\WINDOWS\Prefetch\PCA.EXE-1EC3C7CA.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 14:52:02 ---A- C:\WINDOWS\Prefetch\RAV.EXE-029B63ED.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 15:30:30 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-146D9EC8.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 15:30:57 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 15:32:35 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 15:32:38 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 15:32:40 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 15:32:51 ---A- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf

O45 - LFCP:Last File Created Prefetch 21/01/2010 - 17:11:36 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-4685ECEE.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 08:33:40 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 08:33:40 ---A- C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 12:00:02 ---A- C:\WINDOWS\Prefetch\AVSCAN.EXE-07FC469C.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 13:07:42 ---A- C:\WINDOWS\Prefetch\ACROBATINFO.EXE-363A65B6.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 13:39:44 ---A- C:\WINDOWS\Prefetch\RSIT.EXE-18C3EF6C.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 13:40:06 ---A- C:\WINDOWS\Prefetch\COMPTA 01.EXE-137BAD76.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 14:16:07 ---A- C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 14:16:15 ---A- C:\WINDOWS\Prefetch\JAVAWS.EXE-021AC9A9.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 15:20:13 ---A- C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf

O45 - LFCP:Last File Created Prefetch 22/01/2010 - 15:25:14 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-14C5BF7B.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 11:57:57 ---A- C:\WINDOWS\Prefetch\IE8-WINDOWSXP-X86-FRA.EXE-2665C643.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 11:58:14 ---A- C:\WINDOWS\Prefetch\IESETUP.EXE-1B9E9944.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:00:44 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:00:44 ---A- C:\WINDOWS\Prefetch\SPYWARETERMINATOR.EXE-0C0A5116.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:00:44 ---A- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:05:06 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:05:07 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1831A4F3.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:05:10 ---A- C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:17:42 ---A- C:\WINDOWS\Prefetch\ZHP2.EXE-3374FBD7.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:17:50 ---A- C:\WINDOWS\Prefetch\SUBINACL.EXE-201AFEEC.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:19:14 ---A- C:\WINDOWS\Prefetch\LADS.EXE-03C288C9.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 14:19:19 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-0180118E.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 16:39:00 ---A- C:\WINDOWS\Prefetch\WINMINE.EXE-0A3838A4.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 16:46:03 ---A- C:\WINDOWS\Prefetch\MSHEARTS.EXE-0D7FE295.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 16:55:34 ---A- C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf

O45 - LFCP:Last File Created Prefetch 25/01/2010 - 17:04:49 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BA788F3.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:41 ---A- C:\WINDOWS\Prefetch\CAPM1LAK.EXE-1B74BED1.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:41 ---A- C:\WINDOWS\Prefetch\CAPM1SWK.EXE-2787F23D.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:41 ---A- C:\WINDOWS\Prefetch\DOS OPTIMIZER.PIF-1F44C620.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:41 ---A- C:\WINDOWS\Prefetch\IDMAN.EXE-1682C990.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:41 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:41 ---A- C:\WINDOWS\Prefetch\UTORRENT.EXE-2318CEBC.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:42 ---A- C:\WINDOWS\Prefetch\IEMONITOR.EXE-2D8B91C4.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:42 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:22:42 ---A- C:\WINDOWS\Prefetch\YAHOOWIDGETS.EXE-21E9B73B.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:23:29 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:26:34 ---A- C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 08:37:42 ---A- C:\WINDOWS\Prefetch\PIDGIN.EXE-280DB919.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 09:01:21 ---A- C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 09:01:25 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 10:11:15 ---A- C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 10:19:31 ---A- C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 10:19:35 ---A- C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 11:01:58 ---A- C:\WINDOWS\Prefetch\WK.EXE-06C2951D.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 11:38:48 ---A- C:\WINDOWS\Prefetch\GUARDGUI.EXE-00ECD849.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 11:39:23 ---A- C:\WINDOWS\Prefetch\Layout.ini

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 11:39:33 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 11:39:34 ---A- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 12:00:02 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-2577D203.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 12:00:44 ---A- C:\WINDOWS\Prefetch\AVNOTIFY.EXE-05ED5FD8.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 12:33:59 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:23:41 ---A- C:\WINDOWS\Prefetch\ZHPDIAG 1.25.03.EXE-3396BDA3.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:23:42 ---A- C:\WINDOWS\Prefetch\ZHPDIAG 1.25.03.TMP-216B6BD2.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:23:59 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:27:38 ---A- C:\WINDOWS\Prefetch\LADS.EXE-06335087.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:27:40 ---A- C:\WINDOWS\Prefetch\SUBINACL.EXE-17974576.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:31:23 ---A- C:\WINDOWS\Prefetch\AVWSC.EXE-0283F9DD.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:33:17 ---A- C:\WINDOWS\Prefetch\SIGCHECK.EXE-306CABDB.pf

O45 - LFCP:Last File Created Prefetch 26/01/2010 - 13:33:24 ---A- C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

---\\ Export de clé d'application autorisée (ECAA)(O47)

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"

O47 - AAKE:Key Export SP - "D:\Emule\emule.exe"="D:\Emule\emule.exe:*:Enabled:eMule"

O47 - AAKE:Key Export SP - "C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"

O47 - AAKE:Key Export SP - "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"

O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

O47 - AAKE:Key Export SP - "C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"

O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"

O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary"

O47 - AAKE:Key Export SP - "D:\tor\uTorrent.exe"="D:\tor\uTorrent.exe:*:Enabled:µTorrent"

O47 - AAKE:Key Export SP - "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys . (.Pas de propriétaire - Pas de description.) -- (not file)

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (TDSD) (O52)

O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv" . (.Microsoft Corporation - Pilote de minuteur pour les compatibles PC.) -- C:\WINDOWS\System32\timer.drv

O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll" . (.Microsoft Corporation - Mappeur MIDI Microsoft.) -- C:\WINDOWS\System32\midimap.dll

O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm" . (.Microsoft Corporation - Codec IMA ADPCM pour MSACM.) -- C:\WINDOWS\System32\imaadp32.acm

O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm" . (.Microsoft Corporation - Codec Microsoft ADPCM pour MSACM.) -- C:\WINDOWS\System32\msadp32.acm

O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm" . (.Microsoft Corporation - CODEC A-Law et u-Law pour MSACM Microsoft CCITT G.711.) -- C:\WINDOWS\System32\msg711.acm

O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm" . (.Microsoft Corporation - Codec audio Microsoft GSM 6.10 pour MSACM.) -- C:\WINDOWS\System32\msgsm32.acm

O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="msh263.drv" . (.Microsoft Corporation - Pilote Microsoft H.263 ICM.) -- C:\WINDOWS\System32\msh263.drv

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll" . (.Microsoft Corporation - Intel Indeo® Video YUV Codec.) -- C:\WINDOWS\System32\iyuv_32.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll" . (.Microsoft Corporation - Compresseur Microsoft RLE.) -- C:\WINDOWS\System32\msrle32.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll" . (.Microsoft Corporation - Compresseur Microsoft Vidéo 1.) -- C:\WINDOWS\System32\msvidc32.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll" . (.Microsoft Corporation - Microsoft UYVY Video Decompressor.) -- C:\WINDOWS\System32\msyuv.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll" . (.Microsoft Corporation - Microsoft UYVY Video Decompressor.) -- C:\WINDOWS\System32\msyuv.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll" . (.Microsoft Corporation - Toshiba Video Codec.) -- C:\WINDOWS\System32\tsbyuv.dll

O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll" . (.Microsoft Corporation - Microsoft UYVY Video Decompressor.) -- C:\WINDOWS\System32\msyuv.dll

O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv" . (.Microsoft Corporation - Mappeur de sons Microsoft.) -- C:\WINDOWS\System32\msacm32.drv

O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm" . (.Microsoft Corporation - Codec Microsoft G.723.1 pour MSACM.) -- C:\WINDOWS\System32\msg723.acm

O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv" . (.Microsoft Corporation - Pilote Microsoft H.263 ICM.) -- C:\WINDOWS\System32\msh263.drv

O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv" . (.Microsoft Corporation - Pilote ICM Microsoft H.261.) -- C:\WINDOWS\System32\msh261.drv

O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm" . (.Microsoft Corporation - Windows Media Audio.) -- C:\WINDOWS\System32\msaud32.acm

O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm

O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv" . (.Microsoft Corporation - WDM Audio driver mapper.) -- C:\WINDOWS\System32\wdmaud.drv

O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv" . (.Microsoft Corporation - WDM Audio driver mapper.) -- C:\WINDOWS\System32\wdmaud.drv

O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv" . (.Microsoft Corporation - WDM Audio driver mapper.) -- C:\WINDOWS\System32\wdmaud.drv

O52 - TDSD:HKLM\...\Drivers32\"msacm.lhacm"="lhacm.acm" . (.Microsoft Corporation - Lernout & Hauspie Codecs.) -- C:\WINDOWS\System32\lhacm.acm

O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec" . (.Microsoft Corporation - Windows Media Audio.) -- C:\WINDOWS\System32\msaud32.acm

O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax

O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (not file)

O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm

O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Realtek AC'97 Audio" . (.Microsoft Corporation - WDM Audio driver mapper.) -- C:\WINDOWS\System32\wdmaud.drv

O52 - TDSD:HKLM\...\drivers.desc\"lhacm.acm"="lhacm.acm" . (.Microsoft Corporation - Lernout & Hauspie Codecs.) -- C:\WINDOWS\System32\lhacm.acm

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NofolderOptions"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoFind"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoRun"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoFolderOptions"=0

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.0BD94FBFC14EA3606CD6CA4C0255BAA3] - 19/08/2004 - 16:51:56 ---A- . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\WINDOWS\system32\drivers\acpi.sys

O58 - SDL:[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - 04/08/2004 - 00:14:16 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\system32\drivers\afd.sys

O58 - SDL:[MD5.A8407775E1B64057418781481B202930] - 31/03/2006 - 15:38:48 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys

O58 - SDL:[MD5.F7DDE198231BE379DF7F9E1FD6777BFF] - 19/08/2004 - 16:52:42 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\drivers\amdk6.sys

O58 - SDL:[MD5.F0D692B0BFFB46E30EB3CEA168BBC49F] - 03/08/2004 - 23:58:30 ---A- . (.Microsoft Corporation - IP/1394 Arp Client.) -- C:\WINDOWS\system32\drivers\arp1394.sys

O58 - SDL:[MD5.EC88DA854AB7D7752EC8BE11A741BB7F] - 03/08/2004 - 23:58:32 ---A- . (.Microsoft Corporation - IP/ATM Arp Client.) -- C:\WINDOWS\system32\drivers\atmarpc.sys

O58 - SDL:[MD5.39A0A59180F19946374275745B21AEBA] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - ATM Ethernet Encapsulation Intermediate Driver.) -- C:\WINDOWS\system32\drivers\atmepvc.sys

O58 - SDL:[MD5.0128E78FE835F074E469F03DB681CA9E] - 03/08/2004 - 23:58:36 ---A- . (.Microsoft Corporation - ATM Lan Emulation Driver.) -- C:\WINDOWS\system32\drivers\atmlane.sys

O58 - SDL:[MD5.E7EF69B38D17BA01F914AE8F66216A38] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - ATM UNI Call Manager.) -- C:\WINDOWS\system32\drivers\atmuni.sys

O58 - SDL:[MD5.D9F724AA26C010A217C97606B160ED68] - 17/08/2001 - 23:59:44 ---A- . (.Microsoft Corporation - AudStub Driver.) -- C:\WINDOWS\system32\drivers\audstub.sys

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 13:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 09/12/2009 - 12:09:28 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.5ACEA1331BD4D9DAD232A23CFD7616BF] - 13/02/2009 - 13:29:11 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

O58 - SDL:[MD5.452E382340BB0C5E694ED9D3625356D0] - 30/03/2009 - 11:33:07 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys

O58 - SDL:[MD5.E4E6A0922E3D983728C9AD4E8D466954] - 03/08/2004 - 23:59:58 ---A- . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\WINDOWS\system32\drivers\bridge.sys

O58 - SDL:[MD5.7F599E8BCC5EBC78FA711E9E55EEA40C] - 20/01/2002 - 17:00:00 ---A- . (.CANON INC. - Canon Advanced Printing Technology Parallel Port Driver.) -- C:\WINDOWS\system32\drivers\CAPM1LP.SYS

O58 - SDL:[MD5.90A673FC8E12A79AFBED2576F6A7AAF9] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - CardBus/PCMCIA IDE Miniport Driver.) -- C:\WINDOWS\system32\drivers\cbidf2k.sys

O58 - SDL:[MD5.C1B486A7658353D33A10CC15211A873B] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - CD-ROM Audio Filter Driver.) -- C:\WINDOWS\system32\drivers\cdaudio.sys

O58 - SDL:[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - 04/08/2004 - 00:14:12 ---A- . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\system32\drivers\cdfs.sys

O58 - SDL:[MD5.AF9C19B3100FE010496B1A27181FBF72] - 03/08/2004 - 23:59:54 ---A- . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\system32\drivers\cdrom.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 15:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.D86173B401470F06D9810F7962969DDF] - 04/08/2004 - 00:14:28 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\WINDOWS\system32\drivers\classpnp.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 15:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.3B2457605666FD854E738C3D25859CA3] - 19/08/2004 - 16:59:26 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\drivers\crusoe.sys

O58 - SDL:[MD5.00CA44E4534865F8A3B64F7C0984BFF0] - 03/08/2004 - 23:59:56 ---A- . (.Microsoft Corporation - PnP Disk Driver.) -- C:\WINDOWS\system32\drivers\disk.sys

O58 - SDL:[MD5.D16C81677A9BE399C63CD2EA486472A5] - 03/08/2004 - 23:59:54 ---A- . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\WINDOWS\system32\drivers\diskdump.sys

O58 - SDL:[MD5.E2D3B7620310FE56685F9B15A6B404B3] - 19/08/2004 - 17:01:16 ---A- . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\drivers\dmboot.sys

O58 - SDL:[MD5.C77F5C20AA70197A69AA84BAA9DE43C8] - 19/08/2004 - 17:01:22 ---A- . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\drivers\dmio.sys

O58 - SDL:[MD5.E9317282A63CA4D188C0DF5E09C6AC5F] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\drivers\dmload.sys

O58 - SDL:[MD5.A6F881284AC1150E37D9AE47FF601267] - 04/08/2004 - 00:07:40 ---A- . (.Microsoft Corporation - Microsoft Kernel DLS Synthesizer.) -- C:\WINDOWS\system32\drivers\dmusic.sys

O58 - SDL:[MD5.FF86422268DE771D571E123EB7092C6A] - 04/08/2004 - 00:08:00 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Descrambler Filter.) -- C:\WINDOWS\system32\drivers\drmk.sys

O58 - SDL:[MD5.1ED4DBBAE9F5D558DBBA4CC450E3EB2E] - 04/08/2004 - 00:07:58 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Audio Descrambler Filter.) -- C:\WINDOWS\system32\drivers\drmkaud.sys

O58 - SDL:[MD5.FE97D0343ACFDEBDD578FC67CC91FA87] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - DirectX API Driver.) -- C:\WINDOWS\system32\drivers\dxapi.sys

O58 - SDL:[MD5.D3DAC8432110AAD0B02A58B4459AB835] - 04/08/2004 - 00:00:56 ---A- . (.Microsoft Corporation - DirectX Graphics Driver.) -- C:\WINDOWS\system32\drivers\dxg.sys

O58 - SDL:[MD5.A73F5D6705B1D820C19B18782E176EFD] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - DirectX Graphics Driver Thunk.) -- C:\WINDOWS\system32\drivers\dxgthk.sys

O58 - SDL:[MD5.3117F595E9615E04F05A54FC15A03B20] - 04/08/2004 - 00:14:18 ---A- . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\WINDOWS\system32\drivers\fastfat.sys

O58 - SDL:[MD5.CED2E8396A8838E59D8FD529C680E02C] - 03/08/2004 - 23:59:28 ---A- . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\WINDOWS\system32\drivers\fdc.sys

O58 - SDL:[MD5.8B121FF880683607AB2AEF0340721718] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - Pilote de cryptographie FIPS.) -- C:\WINDOWS\system32\drivers\fips.sys

O58 - SDL:[MD5.0DD1DE43115B93F4D85E889D7A86F548] - 03/08/2004 - 23:59:28 ---A- . (.Microsoft Corporation - Floppy Driver.) -- C:\WINDOWS\system32\drivers\flpydisk.sys

O58 - SDL:[MD5.B71A69BB9CC88803F455341BD3992E0C] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - Pilote vidéo plein écran.) -- C:\WINDOWS\system32\drivers\fsvga.sys

O58 - SDL:[MD5.3E1E2BD4F39B0E2B7DC4F4D2BCC2779A] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\WINDOWS\system32\drivers\fs_rec.sys

O58 - SDL:[MD5.A86859B77B908C18C2657F284AA29FE3] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - Pilote de disque à FT.) -- C:\WINDOWS\system32\drivers\ftdisk.sys

O58 - SDL:[MD5.378055AB8DDA86228683C697C4E11685] - 04/08/2004 - 00:08:20 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\WINDOWS\system32\drivers\hidclass.sys

O58 - SDL:[MD5.5FFF41CD5108E9051D255C37825AF697] - 04/08/2004 - 00:08:18 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\WINDOWS\system32\drivers\hidparse.sys

O58 - SDL:[MD5.D1EFCBD693B5BA21314D06368C471070] - 19/08/2004 - 16:56:40 ---A- . (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\system32\drivers\i8042prt.sys

O58 - SDL:[MD5.25EDD75E23C5EF6B33D0FBCCE125A601] - 15/08/2005 - 13:08:26 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys

O58 - SDL:[MD5.9C4BBACF4E9B9543C3CE23F1FE556941] - 15/08/2005 - 13:08:26 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys

O58 - SDL:[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - 04/08/2004 - 00:00:16 ---A- . (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\system32\drivers\imapi.sys

O58 - SDL:[MD5.731F22BA402EE4B62748ADAF6363C182] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys

O58 - SDL:[MD5.E1EC7F5DA720B640CD8FB8424F1B14BB] - 04/08/2004 - 00:04:46 ---A- . (.Microsoft Corporation - IP in IP Encapsulation Driver.) -- C:\WINDOWS\system32\drivers\ipinip.sys

O58 - SDL:[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - 04/08/2004 - 00:04:52 ---A- . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\drivers\ipnat.sys

O58 - SDL:[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - 04/08/2004 - 00:14:30 ---A- . (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\system32\drivers\ipsec.sys

O58 - SDL:[MD5.50708DAA1B1CBB7D6AC1CF8F56A24410] - 04/08/2004 - 00:00:48 ---A- . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\WINDOWS\system32\drivers\irenum.sys

O58 - SDL:[MD5.54632F1A7DE61DC3615D756F2A90FA72] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\WINDOWS\system32\drivers\isapnp.sys

O58 - SDL:[MD5.D93CAD07C5683DB066B0B2D2D3790EAD] - 04/08/2004 - 00:07:50 ---A- . (.Microsoft Corporation - Kernel Mode Audio Mixer.) -- C:\WINDOWS\system32\drivers\kmixer.sys

O58 - SDL:[MD5.B9540E258F952650DE8DEC68719A5C97] - 04/08/2004 - 00:15:22 ---A- . (.Microsoft Corporation - Kernel CSA Library.) -- C:\WINDOWS\system32\drivers\ks.sys

O58 - SDL:[MD5.EB7FFE87FD367EA8FCA0506F74A87FBB] - 03/08/2004 - 23:59:48 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\system32\drivers\ksecdd.sys

O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.D1F8BE91ED4DDB671D42E473E3FE71AB] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - Medium changer class driver.) -- C:\WINDOWS\system32\drivers\mcd.sys

O58 - SDL:[MD5.729D83E56C29C510258A6E9E79FFDDC3] - 04/08/2004 - 00:07:46 ---A- . (.Microsoft Corporation - Multifunction Enumerator.) -- C:\WINDOWS\system32\drivers\mf.sys

O58 - SDL:[MD5.4AE068242760A1FB6E1A44BF4E16AFA6] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - Frame buffer simulator.) -- C:\WINDOWS\system32\drivers\mnmdd.sys

O58 - SDL:[MD5.5AC7E16F5B40A6DA14B5F2B3ADA4693E] - 19/08/2004 - 16:52:28 ---A- . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\WINDOWS\system32\drivers\modem.sys

O58 - SDL:[MD5.7D4F19411BD941E1D432A99E24230386] - 19/08/2004 - 16:52:34 ---A- . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\WINDOWS\system32\drivers\mouclass.sys

O58 - SDL:[MD5.65653F3B4477F3C63E68A9659F85EE2E] - 03/08/2004 - 23:58:32 ---A- . (.Microsoft Corporation - Mount Manager.) -- C:\WINDOWS\system32\drivers\mountmgr.sys

O58 - SDL:[MD5.DB07B0088CDFD20C2A22E675120EDE34] - 03/08/2004 - 23:58:22 ---A- . (.Microsoft Corporation - Windows NT MQ Access Control Device Driver.) -- C:\WINDOWS\system32\drivers\mqac.sys

O58 - SDL:[MD5.46EDCC8F2DB2F322C24F48785CB46366] - 04/08/2004 - 00:00:58 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\WINDOWS\system32\drivers\mrxdav.sys

O58 - SDL:[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - 04/08/2004 - 00:15:18 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

O58 - SDL:[MD5.561B3A4333CA2DBDBA28B5B956822519] - 04/08/2004 - 00:00:42 ---A- . (.Microsoft Corporation - Mailslot driver.) -- C:\WINDOWS\system32\drivers\msfs.sys

O58 - SDL:[MD5.C0F1D4A21DE5A415DF8170616703DEBF] - 04/08/2004 - 00:04:14 ---A- . (.Microsoft Corporation - MS General Packet Classifier.) -- C:\WINDOWS\system32\drivers\msgpc.sys

O58 - SDL:[MD5.AE431A8DD3C1D0D0610CDBAC16057AD0] - 03/08/2004 - 23:58:42 ---A- . (.Microsoft Corporation - MS KS Server.) -- C:\WINDOWS\system32\drivers\mskssrv.sys

O58 - SDL:[MD5.13E75FEF9DFEB08EEDED9D0246E1F448] - 03/08/2004 - 23:58:40 ---A- . (.Microsoft Corporation - MS Proxy Clock.) -- C:\WINDOWS\system32\drivers\mspclock.sys

O58 - SDL:[MD5.1988A33FF19242576C3D0EF9CE785DA7] - 03/08/2004 - 23:58:42 ---A- . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\WINDOWS\system32\drivers\mspqm.sys

O58 - SDL:[MD5.82035E0F41C2DD05AE41D27FE6CF7DE1] - 04/08/2004 - 00:15:22 ---A- . (.Microsoft Corporation - Multiple UNC Provider driver.) -- C:\WINDOWS\system32\drivers\mup.sys

O58 - SDL:[MD5.08D43BBDACDF23F34D79E44ED35C1B4C] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\WINDOWS\system32\drivers\ndistapi.sys

O58 - SDL:[MD5.34D6CD56409DA9A7ED573E1C90A308BF] - 04/08/2004 - 00:03:14 ---A- . (.Microsoft Corporation - NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\ndisuio.sys

O58 - SDL:[MD5.0B90E255A9490166AB368CD55A529893] - 04/08/2004 - 00:14:32 ---A- . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\WINDOWS\system32\drivers\ndiswan.sys

O58 - SDL:[MD5.59FC3FB44D2669BC144FD87826BB571F] - 28/08/2001 - 15:00:00 ---A- . (.Microsoft Corporation - NDIS Proxy.) -- C:\WINDOWS\system32\drivers\ndproxy.sys


---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)


O61 - LFC:Last File Created 26/01/2010 - 08:40:54 ---A- C:\Documents And Settings\COMPTA 01\Application Data\.purple\icons\d52759022be9666078b12f2d0f2caadd659e2ccc.png

O61 - LFC:Last File Created 26/01/2010 - 08:41:04 ---A- C:\Documents And Settings\COMPTA 01\Application Data\.purple\icons\b17fc3b5d9854582900b9acfc410f6fa8eb9e8ef.png

O61 - LFC:Last File Created 26/01/2010 - 08:41:19 ---A- C:\Documents And Settings\COMPTA 01\Application Data\.purple\blist.xml

O61 - LFC:Last File Created 26/01/2010 - 08:41:28 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\Office\Récent\BOA EGT NOV09.lnk

O61 - LFC:Last File Created 26/01/2010 - 08:41:33 ---A- C:\Documents And Settings\COMPTA 01\Recent\BOA EGT NOV09.lnk

O61 - LFC:Last File Created 26/01/2010 - 08:41:37 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\Office\Récent\BOA INDIVI NOV09.lnk

O61 - LFC:Last File Created 26/01/2010 - 08:41:37 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\Office\Récent\RAPPRO.lnk

O61 - LFC:Last File Created 26/01/2010 - 08:41:37 --H-- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\Office\Récent\index.dat

O61 - LFC:Last File Created 26/01/2010 - 08:42:20 ---A- C:\Documents And Settings\COMPTA 01\Recent\BOA INDIVI NOV09.lnk

O61 - LFC:Last File Created 26/01/2010 - 08:42:20 ---A- C:\Documents And Settings\COMPTA 01\Recent\RAPPRO.lnk

O61 - LFC:Last File Created 26/01/2010 - 08:57:36 ---A- C:\Documents And Settings\COMPTA 01\Application Data\.purple\status.xml

O61 - LFC:Last File Created 26/01/2010 - 09:01:19 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG

O61 - LFC:Last File Created 26/01/2010 - 10:11:16 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\temp\jusched.log

O61 - LFC:Last File Created 26/01/2010 - 10:19:38 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\pluginreg.dat

O61 - LFC:Last File Created 26/01/2010 - 10:19:45 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\prefs.js

O61 - LFC:Last File Created 26/01/2010 - 10:22:41 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\96D766F1d01

O61 - LFC:Last File Created 26/01/2010 - 10:23:08 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\7E256B3Cd01

O61 - LFC:Last File Created 26/01/2010 - 10:23:08 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\876907FAd01

O61 - LFC:Last File Created 26/01/2010 - 10:23:11 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\61301EA5d01

O61 - LFC:Last File Created 26/01/2010 - 10:24:40 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\urlclassifierkey3.txt

O61 - LFC:Last File Created 26/01/2010 - 10:24:40 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\010A6201d01

O61 - LFC:Last File Created 26/01/2010 - 10:24:43 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\3A6EA482d01

O61 - LFC:Last File Created 26/01/2010 - 10:24:46 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\B4F615B0d01

O61 - LFC:Last File Created 26/01/2010 - 10:26:05 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\A1352315d01

O61 - LFC:Last File Created 26/01/2010 - 10:27:00 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\localstore.rdf

O61 - LFC:Last File Created 26/01/2010 - 10:29:58 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\blocklist.xml

O61 - LFC:Last File Created 26/01/2010 - 10:33:39 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\6A1B8936d01

O61 - LFC:Last File Created 26/01/2010 - 10:33:57 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\05B7BA2Bd01

O61 - LFC:Last File Created 26/01/2010 - 10:34:01 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\D717A588d01

O61 - LFC:Last File Created 26/01/2010 - 10:34:11 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\F7EB6E6Ad01

O61 - LFC:Last File Created 26/01/2010 - 10:52:00 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\88CB85E7d01

O61 - LFC:Last File Created 26/01/2010 - 10:52:00 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\BC4DA866d01

O61 - LFC:Last File Created 26/01/2010 - 10:52:01 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\A0034047d01

O61 - LFC:Last File Created 26/01/2010 - 10:52:13 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\14265244d01

O61 - LFC:Last File Created 26/01/2010 - 10:52:25 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\AB193525d01

O61 - LFC:Last File Created 26/01/2010 - 10:52:51 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\8185DCA6d01

O61 - LFC:Last File Created 26/01/2010 - 10:53:19 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\7AA83EBAd01

O61 - LFC:Last File Created 26/01/2010 - 10:59:37 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\64A8338Dd01

O61 - LFC:Last File Created 26/01/2010 - 11:00:18 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\EFA76948d01

O61 - LFC:Last File Created 26/01/2010 - 11:01:43 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\temp\CK00RES.VDF

O61 - LFC:Last File Created 26/01/2010 - 11:01:43 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\temp\CK00SYS.VDF

O61 - LFC:Last File Created 26/01/2010 - 11:01:55 ---A- C:\Documents And Settings\All Users\Application Data\SpeedBit\SpeedOptimizer3\DB\StartupAppList.xml

O61 - LFC:Last File Created 26/01/2010 - 11:01:55 ---A- C:\Documents And Settings\COMPTA 01\Application Data\SpeedBit\SpeedOptimizer3\DB\StartupAppList.xml

O61 - LFC:Last File Created 26/01/2010 - 11:03:37 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\10B3F616d01

O61 - LFC:Last File Created 26/01/2010 - 11:03:39 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\cookies.sqlite-journal

O61 - LFC:Last File Created 26/01/2010 - 11:03:45 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\FA30DEACd01

O61 - LFC:Last File Created 26/01/2010 - 11:03:58 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\57426FF2d01

O61 - LFC:Last File Created 26/01/2010 - 11:04:03 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\4383FB3Dd01

O61 - LFC:Last File Created 26/01/2010 - 11:04:08 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\117BAF00d01

O61 - LFC:Last File Created 26/01/2010 - 11:04:14 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\296C12A2d01

O61 - LFC:Last File Created 26/01/2010 - 11:04:14 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\9C2F8EFAd01

O61 - LFC:Last File Created 26/01/2010 - 11:04:16 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\1404CDD3d01

O61 - LFC:Last File Created 26/01/2010 - 11:10:01 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\3F57FDDEd01

O61 - LFC:Last File Created 26/01/2010 - 11:10:11 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\20EFCACAd01

O61 - LFC:Last File Created 26/01/2010 - 11:10:21 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\D060E93Ed01

O61 - LFC:Last File Created 26/01/2010 - 11:10:24 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\4C0D4928d01

O61 - LFC:Last File Created 26/01/2010 - 11:10:30 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\3C27144Bd01

O61 - LFC:Last File Created 26/01/2010 - 11:10:53 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\7F276744d01

O61 - LFC:Last File Created 26/01/2010 - 11:11:24 ---A- C:\Documents And Settings\COMPTA 01\Recent\HAJA_FLASH (G).lnk

O61 - LFC:Last File Created 26/01/2010 - 11:19:46 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\D67DAEB7d01

O61 - LFC:Last File Created 26/01/2010 - 11:19:59 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\temp\~wk~0326.tmp

O61 - LFC:Last File Created 26/01/2010 - 11:20:06 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\35250AB4d01

O61 - LFC:Last File Created 26/01/2010 - 11:52:48 ---A- C:\Documents And Settings\COMPTA 01\Application Data\.purple\prefs.xml

O61 - LFC:Last File Created 26/01/2010 - 12:00:01 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\sched.log

O61 - LFC:Last File Created 26/01/2010 - 12:00:02 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat

O61 - LFC:Last File Created 26/01/2010 - 12:00:02 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 26/01/2010 - 12:00:29 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\IDX\master.idx

O61 - LFC:Last File Created 26/01/2010 - 12:01:03 ---A- C:\Documents And Settings\COMPTA 01\Cookies\compta 01@notifier.avira[2].txt

O61 - LFC:Last File Created 26/01/2010 - 12:01:05 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\avguard.log

O61 - LFC:Last File Created 26/01/2010 - 12:01:11 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\EVENTDB\avevtdb.dbe

O61 - LFC:Last File Created 26/01/2010 - 12:01:11 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\Upd-2010-01-26-12-00-02.log

O61 - LFC:Last File Created 26/01/2010 - 12:01:11 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\98273a2b.avl

O61 - LFC:Last File Created 26/01/2010 - 12:01:35 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\JOBS\updjob.avj

O61 - LFC:Last File Created 26/01/2010 - 12:08:38 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\6B0554F2d01

O61 - LFC:Last File Created 26/01/2010 - 12:13:09 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\temp\~wk~0327.tmp

O61 - LFC:Last File Created 26/01/2010 - 12:22:06 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\5701B228d01

O61 - LFC:Last File Created 26/01/2010 - 12:26:48 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\A5B37A4Cd01

O61 - LFC:Last File Created 26/01/2010 - 12:27:05 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\96948E78d01

O61 - LFC:Last File Created 26/01/2010 - 12:27:16 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\8A57926Ed01

O61 - LFC:Last File Created 26/01/2010 - 12:27:16 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\CBFC872Fd01

O61 - LFC:Last File Created 26/01/2010 - 12:27:17 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\2EF6475Dd01

O61 - LFC:Last File Created 26/01/2010 - 12:27:18 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\2F9F3CF5d01

O61 - LFC:Last File Created 26/01/2010 - 12:27:18 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\8E910632d01

O61 - LFC:Last File Created 26/01/2010 - 12:27:20 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\A098B1D5d01

O61 - LFC:Last File Created 26/01/2010 - 12:27:20 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\ECFB4185d01

O61 - LFC:Last File Created 26/01/2010 - 12:27:28 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\2B442D91d01

O61 - LFC:Last File Created 26/01/2010 - 12:27:31 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\8AF2AE2Dd01

O61 - LFC:Last File Created 26/01/2010 - 12:27:56 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\A93231CFd01

O61 - LFC:Last File Created 26/01/2010 - 12:28:45 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\FFBA8617d01

O61 - LFC:Last File Created 26/01/2010 - 12:30:38 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\9014CA3Ad01

O61 - LFC:Last File Created 26/01/2010 - 12:31:47 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\5E51E8ECd01

O61 - LFC:Last File Created 26/01/2010 - 12:33:11 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\1745AED2d01

O61 - LFC:Last File Created 26/01/2010 - 12:33:48 ---A- C:\Documents And Settings\COMPTA 01\Recent\mbam-log-2010-01-20 (22-40-10).lnk

O61 - LFC:Last File Created 26/01/2010 - 12:33:49 ---A- C:\Documents And Settings\COMPTA 01\Recent\Partage.lnk

O61 - LFC:Last File Created 26/01/2010 - 12:50:01 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\FAFB8097d01

O61 - LFC:Last File Created 26/01/2010 - 12:52:19 ---A- C:\Documents And Settings\COMPTA 01\Application Data\uTorrent\settings.dat.old

O61 - LFC:Last File Created 26/01/2010 - 12:57:55 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\1426522Cd01

O61 - LFC:Last File Created 26/01/2010 - 12:58:25 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\ED18898Bd01

O61 - LFC:Last File Created 26/01/2010 - 12:59:51 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\CT1757849\emailnotifier\acc

O61 - LFC:Last File Created 26/01/2010 - 13:01:35 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\9014CB3Ad01

O61 - LFC:Last File Created 26/01/2010 - 13:02:01 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\places.sqlite

O61 - LFC:Last File Created 26/01/2010 - 13:08:19 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\78DA750Ed01

O61 - LFC:Last File Created 26/01/2010 - 13:08:22 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\50A073A5d01

O61 - LFC:Last File Created 26/01/2010 - 13:08:28 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\9B50F447d01

O61 - LFC:Last File Created 26/01/2010 - 13:08:43 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\090BF76Ad01

O61 - LFC:Last File Created 26/01/2010 - 13:08:48 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\92798BFAd01

O61 - LFC:Last File Created 26/01/2010 - 13:08:48 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\927A1DBAd01

O61 - LFC:Last File Created 26/01/2010 - 13:09:02 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\D88DBBE6d01

O61 - LFC:Last File Created 26/01/2010 - 13:09:02 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\DD6E0FFEd01

O61 - LFC:Last File Created 26/01/2010 - 13:09:02 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\EF034939d01

O61 - LFC:Last File Created 26/01/2010 - 13:09:27 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\A750341Bd01

O61 - LFC:Last File Created 26/01/2010 - 13:09:42 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\7406DD9Ad01

O61 - LFC:Last File Created 26/01/2010 - 13:09:45 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\7501F7E8d01

O61 - LFC:Last File Created 26/01/2010 - 13:11:32 ---A- C:\Documents And Settings\COMPTA 01\Application Data\IDM\Scheduler\q_1.dt

O61 - LFC:Last File Created 26/01/2010 - 13:12:15 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\29B33E40d01

O61 - LFC:Last File Created 26/01/2010 - 13:13:03 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\7226DF11d01

O61 - LFC:Last File Created 26/01/2010 - 13:13:22 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\17665D4Bd01

O61 - LFC:Last File Created 26/01/2010 - 13:13:36 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\2D07B06Cd01

O61 - LFC:Last File Created 26/01/2010 - 13:19:49 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\CT1757849\feed\http___www_torrent411_com_rss_php_live_structured.xml

O61 - LFC:Last File Created 26/01/2010 - 13:19:50 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\CT1757849\weather\forecast_fr-ca.xml

O61 - LFC:Last File Created 26/01/2010 - 13:22:19 ---A- C:\Documents And Settings\COMPTA 01\Application Data\uTorrent\settings.dat

O61 - LFC:Last File Created 26/01/2010 - 13:23:47 ---A- C:\Documents And Settings\All Users\Bureau\ZHPDiag.lnk

O61 - LFC:Last File Created 26/01/2010 - 13:23:47 ---A- C:\Documents And Settings\All Users\Bureau\ZHPFix.lnk

O61 - LFC:Last File Created 26/01/2010 - 13:24:05 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\587A2AA1d01

O61 - LFC:Last File Created 26/01/2010 - 13:24:30 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\6A902775d01

O61 - LFC:Last File Created 26/01/2010 - 13:24:38 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\5701B528d01

O61 - LFC:Last File Created 26/01/2010 - 13:24:49 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\Cache\17665D34d01

O61 - LFC:Last File Created 26/01/2010 - 13:27:59 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5

O61 - LFC:Last File Created 26/01/2010 - 13:27:59 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5

O61 - LFC:Last File Created 26/01/2010 - 13:28:16 ---A- C:\Documents And Settings\COMPTA 01\Local Settings\Application Data\Yahoo\Widget Engine\Widget Data\Yahoo! Weather\location data.db

O61 - LFC:Last File Created 26/01/2010 - 13:28:26 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD

O61 - LFC:Last File Created 26/01/2010 - 13:28:26 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD

O61 - LFC:Last File Created 26/01/2010 - 13:28:31 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A

O61 - LFC:Last File Created 26/01/2010 - 13:28:31 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A

O61 - LFC:Last File Created 26/01/2010 - 13:29:08 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7

O61 - LFC:Last File Created 26/01/2010 - 13:29:08 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7

O61 - LFC:Last File Created 26/01/2010 - 13:29:16 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\E8974A4669383843486E5AFDB09650F5

O61 - LFC:Last File Created 26/01/2010 - 13:29:16 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\E8974A4669383843486E5AFDB09650F5

O61 - LFC:Last File Created 26/01/2010 - 13:29:27 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\sessionstore.js

O61 - LFC:Last File Created 26/01/2010 - 13:30:00 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019

O61 - LFC:Last File Created 26/01/2010 - 13:30:00 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019

O61 - LFC:Last File Created 26/01/2010 - 13:30:08 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1

O61 - LFC:Last File Created 26/01/2010 - 13:30:08 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1

O61 - LFC:Last File Created 26/01/2010 - 13:30:20 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5

O61 - LFC:Last File Created 26/01/2010 - 13:30:20 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5

O61 - LFC:Last File Created 26/01/2010 - 13:30:39 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\F482C95F83F1B59228F1B1E720F2EDF1

O61 - LFC:Last File Created 26/01/2010 - 13:30:39 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\F482C95F83F1B59228F1B1E720F2EDF1

O61 - LFC:Last File Created 26/01/2010 - 13:31:18 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735

O61 - LFC:Last File Created 26/01/2010 - 13:31:18 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735

O61 - LFC:Last File Created 26/01/2010 - 13:33:40 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30

O61 - LFC:Last File Created 26/01/2010 - 13:33:40 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30

O61 - LFC:Last File Created 26/01/2010 - 13:33:48 ---A- C:\Documents And Settings\COMPTA 01\Application Data\.purple\accounts.xml

O61 - LFC:Last File Created 26/01/2010 - 13:34:01 ---A- C:\Documents And Settings\COMPTA 01\Application Data\Mozilla\Firefox\Profiles\l2plt14f.default\places.sqlite-journal

O61 - LFC:Last File Created 26/01/2010 - 13:34:52 ---A- C:\Documents And Settings\COMPTA 01\Application Data\uTorrent\resume.dat.old

O61 - LFC:Last File Created 26/01/2010 - 13:35:02 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\0797C381B2F87EB5A1D5573BD15BA4F4

O61 - LFC:Last File Created 26/01/2010 - 13:35:02 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\0797C381B2F87EB5A1D5573BD15BA4F4

O61 - LFC:Last File Created 26/01/2010 - 13:35:03 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217

O61 - LFC:Last File Created 26/01/2010 - 13:35:03 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217

O61 - LFC:Last File Created 26/01/2010 - 13:35:24 ---A- C:\Documents And Settings\COMPTA 01\Application Data\uTorrent\resume.dat

O61 - LFC:Last File Created 26/01/2010 - 13:35:31 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

O61 - LFC:Last File Created 26/01/2010 - 13:35:31 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

O61 - LFC:Last File Created 26/01/2010 - 13:35:33 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004

O61 - LFC:Last File Created 26/01/2010 - 13:35:33 -S-A- C:\Documents And Settings\COMPTA 01\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)

O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)

O63 - Logiciel: RSIT - (random/random)

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - Service d'application d'assistance IPv6 (6to4) - LEGACY_6TO4

O64 - Services: CurCS - Adobe LM Service (Adobe LM Service) - LEGACY_ADOBE_LM_SERVICE

O64 - Services: CurCS - Environnement de prise en charge de réseau AFD (AFD) - LEGACY_AFD

O64 - Services: CurCS - Service de la passerelle de la couche Application (ALG) - LEGACY_ALG

O64 - Services: CurCS - AMON (AMON) - LEGACY_AMON

O64 - Services: CurCS - Avira AntiVir Scheduler (AntiVirSchedulerService) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - Avira AntiVir Guard (AntiVirService) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - Audio Windows (AudioSrv) - LEGACY_AUDIOSRV

O64 - Services: CurCS - avgio (avgio) - LEGACY_AVGIO

O64 - Services: CurCS - avgntflt (avgntflt) - LEGACY_AVGNTFLT

O64 - Services: CurCS - avipbb (avipbb) - LEGACY_AVIPBB

O64 - Services: CurCS - Beep (Beep) - LEGACY_BEEP

O64 - Services: CurCS - Service de transfert intelligent en arrière-plan (BITS) - LEGACY_BITS

O64 - Services: CurCS - Explorateur d'ordinateur (Browser) - LEGACY_BROWSER

O64 - Services: CurCS - catchme (catchme) - LEGACY_CATCHME

O64 - Services: CurCS - cdfs (cdfs) - LEGACY_CDFS

O64 - Services: CurCS - CLASSPNP_2 (CLASSPNP_2) - LEGACY_CLASSPNP_2

O64 - Services: CurCS - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32

O64 - Services: CurCS - Application système COM+ (COMSysApp) - LEGACY_COMSYSAPP

O64 - Services: CurCS - Services de cryptographie (CryptSvc) - LEGACY_CRYPTSVC

O64 - Services: CurCS - CrystalSysInfo (CrystalSysInfo) - LEGACY_CRYSTALSYSINFO

O64 - Services: CurCS - Lanceur de processus serveur DCOM (DcomLaunch) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - Client DHCP (Dhcp) - LEGACY_DHCP

O64 - Services: CurCS - Service d'administration du Gestionnaire de disque logique (dmadmin) - LEGACY_DMADMIN

O64 - Services: CurCS - dmboot (dmboot) - LEGACY_DMBOOT

O64 - Services: CurCS - dmload (dmload) - LEGACY_DMLOAD

O64 - Services: CurCS - Gestionnaire de disque logique (dmserver) - LEGACY_DMSERVER

O64 - Services: CurCS - Client DNS (Dnscache) - LEGACY_DNSCACHE

O64 - Services: CurCS - Service de rapport d'erreurs (ERSvc) - LEGACY_ERSVC

O64 - Services: CurCS - Système d'événements de COM+ (EventSystem) - LEGACY_EVENTSYSTEM

O64 - Services: CurCS - fastfat (fastfat) - LEGACY_FASTFAT

O64 - Services: CurCS - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY

O64 - Services: CurCS - Fips (Fips) - LEGACY_FIPS

O64 - Services: CurCS - FLEXnet Licensing Service (FLEXnet Licensing Service) - LEGACY_FLEXNET_LICENSING_SERVICE

O64 - Services: CurCS - FltMgr (FltMgr) - LEGACY_FLTMGR

O64 - Services: CurCS - Fs_Rec (Fs_Rec) - LEGACY_FS_REC

O64 - Services: CurCS - Classificateur de paquets générique (Gpc) - LEGACY_GPC

O64 - Services: CurCS - Aide et support (helpsvc) - LEGACY_HELPSVC

O64 - Services: CurCS - HTTP (HTTP) - LEGACY_HTTP

O64 - Services: CurCS - HTTP SSL (HTTPFilter) - LEGACY_HTTPFILTER

O64 - Services: CurCS - Service COM de gravage de CD IMAPI (ImapiService) - LEGACY_IMAPISERVICE

O64 - Services: CurCS - Pilote du pare-feu Windows IPv6 (ip6fw) - LEGACY_IP6FW

O64 - Services: CurCS - Traducteur d'adresses réseau IP (IpNat) - LEGACY_IPNAT

O64 - Services: CurCS - Pilote IPSEC (IPSec) - LEGACY_IPSEC

O64 - Services: CurCS - Pilote de bus Plug-and-Play ISA/EISA (isapnp) - LEGACY_ISAPNP

O64 - Services: CurCS - Java Quick Starter (JavaQuickStarterService) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - ksecdd (ksecdd) - LEGACY_KSECDD

O64 - Services: CurCS - Serveur (lanmanserver) - LEGACY_LANMANSERVER

O64 - Services: CurCS - Station de travail (LanmanWorkstation) - LEGACY_LANMANWORKSTATION

O64 - Services: CurCS - Assistance TCP/IP NetBIOS (LmHosts) - LEGACY_LMHOSTS

O64 - Services: CurCS - mbr (mbr) - LEGACY_MBR

O64 - Services: CurCS - mchInjDrv (mchInjDrv) - LEGACY_MCHINJDRV

O64 - Services: CurCS - Affichage des messages (Messenger) - LEGACY_MESSENGER

O64 - Services: CurCS - mnmdd (mnmdd) - LEGACY_MNMDD

O64 - Services: CurCS - mountmgr (mountmgr) - LEGACY_MOUNTMGR

O64 - Services: CurCS - Redirecteur client WebDav (MRxDAV) - LEGACY_MRXDAV

O64 - Services: CurCS - MRXSMB (MRxSmb) - LEGACY_MRXSMB

O64 - Services: CurCS - Distributed Transaction Coordinator (MSDTC) - LEGACY_MSDTC

O64 - Services: CurCS - Msfs (Msfs) - LEGACY_MSFS

O64 - Services: CurCS - Windows Installer (MSIServer) - LEGACY_MSISERVER

O64 - Services: CurCS - Mup (Mup) - LEGACY_MUP

O64 - Services: CurCS - Pilote système NDIS (NDIS) - LEGACY_NDIS

O64 - Services: CurCS - Pilote TAPI NDIS d'accès distant (NdisTapi) - LEGACY_NDISTAPI

O64 - Services: CurCS - NDIS mode utilisateur E/S Protocole (Ndisuio) - LEGACY_NDISUIO

O64 - Services: CurCS - NDProxy (NDProxy) - LEGACY_NDPROXY

O64 - Services: CurCS - Interface NetBIOS (NetBIOS) - LEGACY_NETBIOS

O64 - Services: CurCS - NetBIOS sur TCP/IP (NetBT) - LEGACY_NETBT

O64 - Services: CurCS - Connexions réseau (Netman) - LEGACY_NETMAN

O64 - Services: CurCS - NLA (Network Location Awareness) (Nla) - LEGACY_NLA

O64 - Services: CurCS - NOD32 Kernel Service (NOD32krn) - LEGACY_NOD32KRN

O64 - Services: CurCS - Npfs (Npfs) - LEGACY_NPFS

O64 - Services: CurCS - ntfs (ntfs) - LEGACY_NTFS

O64 - Services: CurCS - Null (Null) - LEGACY_NULL

O64 - Services: CurCS - Office Source Engine (ose) - LEGACY_OSE

O64 - Services: CurCS - PartMgr (PartMgr) - LEGACY_PARTMGR

O64 - Services: CurCS - ParVdm (ParVdm) - LEGACY_PARVDM

O64 - Services: CurCS - pavboot (pavboot) - LEGACY_PAVBOOT

O64 - Services: CurCS - Services IPSEC (PolicyAgent) - LEGACY_POLICYAGENT

O64 - Services: CurCS - PROCEXP113 (PROCEXP113) - LEGACY_PROCEXP113

O64 - Services: CurCS - PROCEXP90 (PROCEXP90) - LEGACY_PROCEXP90

O64 - Services: CurCS - Emplacement protégé (ProtectedStorage) - LEGACY_PROTECTEDSTORAGE

O64 - Services: CurCS - RapidPortM1 (RapidPortM1) - LEGACY_RAPIDPORTM1

O64 - Services: CurCS - Pilote de connexion automatique d'accès distant (RasAcd) - LEGACY_RASACD

O64 - Services: CurCS - Gestionnaire de connexion automatique d'accès distant (RasAuto) - LEGACY_RASAUTO

O64 - Ser

Posted

O4 - Global Startup: Dos Optimizer.pif . C:\Documents And Settings\COMPTA 01\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif => Infection Diverse (Cloaked Malware)

 

Not much on this machine,

Only this looks suspicious.

 

I need your opinion before considering its removal.

 

and useless toolbars, to be checked and fixed in HijackThis.

O2 - BHO: SPEEDBIT1 - {425E30F0-CCC6-4E24-BBEB-BCBD31720B37} . -- C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll

O3 - Toolbar: SpeedBit - {EBFCD017-BCAD-42C3-9ED5-89DBDFC59171} . -- C:\Program Files\SpeedBit Toolbar\Toolbar\SpeedBit.dll

 

On the other hand, this must be deleted:

 

C:\Documents and Settings\COMPTA 01\Application Data\smss.exe (Trojan.Delf) -> No action taken.

C:\Documents and Settings\COMPTA 01\Application Data\svchost.exe (Trojan.Delf) -> No action taken.

C:\WINDOWS\system32\Sexy Girls.scr (Trojan.Delf) -> No action taken.

C:\WINDOWS\inf\smss.exe (Trojan.Delf) -> No action taken.

 

 

Download OTM by OldTimer to the desktop.

Double-click OTM.exe to launch it.

On Vista, right-click the file -> choose Run as Administrator

Check that Unregister Dll's and Ocx's is ticked.

* Copy/paste the lines below (in green):

 

:Files

C:\Documents and Settings\COMPTA 01\Application Data\smss.exe

C:\Documents and Settings\COMPTA 01\Application Data\svchost.exe

C:\WINDOWS\system32\Sexy Girls.scr

C:\WINDOWS\inf\smss.exe

 

:Commands

[purity]

[emptytemp]

[Reboot]

Go back to OTM,

Right-click in the "Paste Instructions for Items to be Moved" window under the yellow bar and choose Paste.

* Click the red Moveit! button

* Close OTM

Your PC will restart.

Go to the C:\_OTM\MovedFiles folder,

open the latest .log file

Copy/paste its contents into your next reply

Posted

Check that Unregister Dll's and Ocx's is ticked.

 

uh... sorry for asking a slightly silly question, but how do you check that both of them are ticked?????

Posted

Here is the OTM report. I hope I'm not mistaken, because I only have a .txt file.

 

 

All processes killed

========== FILES ==========

File/Folder C:\Documents and Settings\COMPTA 01\Application Data\smss.exe not found.

File/Folder C:\Documents and Settings\COMPTA 01\Application Data\svchost.exe not found.

C:\WINDOWS\system32\Sexy Girls.scr moved successfully.

C:\WINDOWS\inf\smss.exe moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrateur

->Temp folder emptied: 163948 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 3281451 bytes

 

User: All Users

 

User: COMPTA 01

->Temp folder emptied: 230077 bytes

->Temporary Internet Files folder emptied: 350430 bytes

->Java cache emptied: 25802292 bytes

->FireFox cache emptied: 64209636 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33191 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1138663 bytes

%systemroot%\System32 .tmp files removed: 3072 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 561593 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33293 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 91,00 mb

 

 

OTM by OldTimer - Version 3.1.6.0 log created on 01262010_160626

 

Files moved on Reboot...

C:\Documents and Settings\COMPTA 01\Local Settings\Temp\VBE\MSForms.exd moved successfully.

C:\Documents and Settings\COMPTA 01\Local Settings\Temp\VBE\RefEdit.exd moved successfully.

File C:\Documents and Settings\COMPTA 01\Local Settings\Temp\~DF6608.tmp not found!

File C:\Documents and Settings\COMPTA 01\Local Settings\Temp\~DF7DEC.tmp not found!

 

Registry entries deleted on Reboot...
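
An added example (not part of the original thread and not OldTimer's code): it reconciles the `:Files` list of the OTM script with the result lines of the log posted above, so that entries reported `not found` stand out from those that were actually moved. The function names and the line pattern are assumptions derived from the log lines shown on this page.

```python
import re

# Constructed sample: :Files block and FILES log section copied from the posts above.
OTM_SCRIPT = r"""
:Files
C:\Documents and Settings\COMPTA 01\Application Data\smss.exe
C:\Documents and Settings\COMPTA 01\Application Data\svchost.exe
C:\WINDOWS\system32\Sexy Girls.scr
C:\WINDOWS\inf\smss.exe
:Commands
"""
OTM_LOG = r"""
========== FILES ==========
File/Folder C:\Documents and Settings\COMPTA 01\Application Data\smss.exe not found.
File/Folder C:\Documents and Settings\COMPTA 01\Application Data\svchost.exe not found.
C:\WINDOWS\system32\Sexy Girls.scr moved successfully.
C:\WINDOWS\inf\smss.exe moved successfully.
========== COMMANDS ==========
"""
# Assumption: result lines always look like the ones in the log above.
RESULT = re.compile(r"^(?:File/Folder |File )?(.+?) (moved successfully|not found)[.!]$")

def script_targets(script):
    """Return the paths listed under the :Files section of an OTM script."""
    targets, in_files = [], False
    for line in (l.strip() for l in script.splitlines()):
        if line.startswith(":"):          # a new section header such as :Commands
            in_files = line.lower() == ":files"
        elif in_files and line:
            targets.append(line)
    return targets

def log_outcomes(log):
    """Map each path named in a result line (lower-cased) to its outcome."""
    outcomes = {}
    for line in log.splitlines():
        m = RESULT.match(line.strip())
        if m:
            outcomes[m.group(1).lower()] = "moved" if m.group(2).startswith("moved") else "not found"
    return outcomes

def reconcile(script, log):
    """Pair every requested path with its outcome, or 'missing from log'."""
    seen = log_outcomes(log)
    return {t: seen.get(t.lower(), "missing from log") for t in script_targets(script)}

if __name__ == "__main__":
    for path, status in reconcile(OTM_SCRIPT, OTM_LOG).items():
        print(f"{status:17} {path}")
```

Paths reported as `not found` or `missing from log` are the ones to check again with a fresh scan before treating the clean-up as finished.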
