
Posted

Pear,

The above was after restoring the system to the ComboFix restore point, because I had missed the internet upload the first time.

Here is the first report, from before the restore but without the internet upload: it is different in the deletion section, where it mentions a prior run ("Exécution préalable") with fdbbcebe.dll impossible to delete:

 

ComboFix 10-03-29.04 - will 01/04/2010 22:20:21.4.1 - FAT32x86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.238.91 [GMT 2:00]

Lancé depuis: c:\documents and settings\will\Bureau\will.exe

Commutateurs utilisés :: c:\documents and settings\will\Bureau\CFScript.txt

* Un nouveau point de restauration a été créé

 

FILE ::

"C:\kdcsnn.exe"

"C:\kxop.exe"

"c:\windows\system32\376e359ebd78aca00d78d222139af1b6.sys"

"C:\xqgtel.exe"

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\kdcsnn.exe

C:\kxop.exe

c:\windows\system32\376e359ebd78aca00d78d222139af1b6.sys

C:\xqgtel.exe

.

---- Exécution préalable -------

.

c:\windows\system32\fdbbcebe.dll . . . . impossible à supprimer

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_376e359ebd78aca00d78d222139af1b6

-------\Service_376e359ebd78aca00d78d222139af1b6

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2010-03-01 au 2010-04-01 ))))))))))))))))))))))))))))))))))))

.

 

2010-03-31 12:40 . 2010-03-31 12:40 -------- d-----w- C:\tdsskiller

2010-03-31 01:32 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

2010-03-31 01:04 . 2010-03-31 01:04 -------- d-----w- c:\windows\ServicePackFiles

2010-03-31 01:03 . 2010-03-31 01:03 -------- d-----w- c:\windows\ie8updates

2010-03-30 22:32 . 2010-03-30 22:33 -------- d-----w- c:\program files\Fichiers communs\Java

2010-03-30 21:00 . 2010-03-30 21:00 489952 ----a-w- C:\UsbFix_Upload_Me_ACER-86ABAAF10A.zip

2010-03-30 20:44 . 2010-03-30 20:44 -------- d-----w- C:\UsbFix

2010-03-30 19:59 . 2010-03-30 19:59 -------- d-----w- c:\documents and settings\All Users\Application Data\open-config

2010-03-30 17:49 . 2010-02-25 06:17 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll

2010-03-30 17:49 . 2010-02-25 06:17 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll

2010-03-30 17:49 . 2010-02-25 06:17 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll

2010-03-30 17:49 . 2010-02-25 06:17 12800 ------w- c:\windows\system32\dllcache\xpshims.dll

2010-03-30 17:49 . 2010-02-25 06:17 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll

2010-03-29 12:11 . 2010-03-29 12:11 -------- d-sh--w- c:\documents and settings\Administrateur.ACER-86ABAAF10A\IETldCache

2010-03-29 08:24 . 2010-03-29 08:24 -------- d-----w- c:\program files\trend micro

2010-03-29 08:24 . 2010-03-29 08:24 -------- d-----w- C:\rsit

2010-03-29 08:04 . 2010-03-29 08:04 -------- d-----w- c:\documents and settings\will\Local Settings\Application Data\Temp

2010-03-29 07:50 . 2010-03-29 07:50 -------- d-----w- c:\program files\ZHPDiag

2010-03-29 06:40 . 2010-03-29 06:40 -------- d-sh--w- c:\documents and settings\will\IECompatCache

2010-03-29 06:39 . 2010-03-29 06:39 -------- d-sh--w- c:\documents and settings\will\PrivacIE

2010-03-29 06:36 . 2010-03-29 06:36 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

2010-03-29 06:34 . 2010-03-29 06:34 -------- d-sh--w- c:\documents and settings\will\IETldCache

2010-03-29 06:34 . 2010-03-29 06:34 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google

2010-03-29 06:26 . 2010-03-29 06:26 -------- d--h--w- c:\windows\ie8

2010-03-29 06:26 . 2010-03-29 06:26 -------- d-----w- c:\windows\system32\fr-FR

2010-03-29 05:59 . 2010-03-29 05:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google

2010-03-29 05:15 . 2010-03-29 05:15 -------- d-----w- c:\program files\VS Revo Group

2010-03-29 04:35 . 2010-03-29 04:35 -------- d-----w- c:\windows\system32\LogFiles

2010-03-29 04:34 . 2010-03-09 02:28 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-03-29 04:15 . 2010-03-29 04:15 -------- d-----w- c:\program files\microsoft frontpage

2010-03-29 03:52 . 2010-03-29 03:52 -------- d-----w- c:\documents and settings\Administrateur.ACER-86ABAAF10A\Application Data\DivX

2010-03-29 02:20 . 2010-03-29 02:20 -------- d-----w- c:\documents and settings\TEMP.ACER-86ABAAF10A.001

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-04-01 20:25 . 2004-09-20 09:34 12 ----a-w- c:\windows\bthservsdp.dat

2010-04-01 13:45 . 1979-12-31 22:00 72556 ----a-w- c:\windows\system32\perfc00C.dat

2010-04-01 13:45 . 1979-12-31 22:00 460436 ----a-w- c:\windows\system32\perfh00C.dat

2010-03-31 12:27 . 2007-04-18 00:05 312847 ----a-w- c:\windows\system32\fdbbcebe.dll

2010-03-30 22:32 . 2010-03-30 22:32 503808 ----a-w- c:\documents and settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e-n\msvcp71.dll

2010-03-30 22:32 . 2010-03-30 22:32 61440 ----a-w- c:\documents and settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b-n\decora-sse.dll

2010-03-30 22:32 . 2010-03-30 22:32 499712 ----a-w- c:\documents and settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e-n\jmc.dll

2010-03-30 22:32 . 2010-03-30 22:32 348160 ----a-w- c:\documents and settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e-n\msvcr71.dll

2010-03-30 22:32 . 2010-03-30 22:32 12800 ----a-w- c:\documents and settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b-n\decora-d3d.dll

2010-02-25 06:17 . 1979-12-31 22:00 916480 ----a-w- c:\windows\system32\wininet.dll

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-12 68856]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"="Alaunch" [X]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 98304]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 532480]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 110592]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-02-10 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-10 118784]

"EPM-DM"="c:\acer\epm\epm-dm.exe" [2004-07-14 151552]

"ePowerManagement"="c:\acer\ePM\ePM.exe" [2004-09-01 2876416]

"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2004-07-30 319488]

"YeppStudioAgent"="c:\program files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe" [2005-09-12 40960]

"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]

"Agent"="d:\vcr ii\Agent.exe" [2002-10-01 94208]

"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

 

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\

Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Common\WLANUtil.exe [2008-8-21 679936]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fdbbcebe]

2010-03-31 12:27 312847 ----a-w- c:\windows\system32\fdbbcebe.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

 

R1 SMBHC;Pilote de contrôleur hôte du bus de gestion du système Microsoft;c:\windows\system32\drivers\smbhc.sys [20/09/2004 11:11 6784]

R3 SMBBATT;Pilote de batterie intelligente Microsoft;c:\windows\system32\drivers\smbbatt.sys [20/09/2004 11:12 16128]

S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/03/2010 7:25 135664]

S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [10/05/2008 18:41 81832]

S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [10/05/2008 18:42 13864]

S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [10/05/2008 18:42 107304]

S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [10/05/2008 18:42 99112]

S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [10/05/2008 18:42 21928]

S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [10/05/2008 18:42 97320]

S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [10/05/2008 18:42 97704]

.

Contenu du dossier 'Tâches planifiées'

 

2008-12-17 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 13:42]

 

2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 05:25]

 

2010-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 05:25]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.be/

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-04-01 22:30

Windows 5.1.2600 Service Pack 2 FAT NTAPI

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'winlogon.exe'(620)

c:\windows\system32\fdbbcebe.dll

 

- - - - - - - > 'explorer.exe'(3372)

c:\windows\system32\webcheck.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\acer\eManager\anbmServ.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\wbem\wmiapsrv.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\rundll32.exe

c:\program files\Fichiers communs\Teleca Shared\Generic.exe

c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

.

**************************************************************************

.

Heure de fin: 2010-04-01 22:37:49 - La machine a redémarré

ComboFix-quarantined-files.txt 2010-04-01 20:37

ComboFix2.txt 2010-03-29 04:29

 

Avant-CF: 357.683.200 octets libres

Après-CF: 276.545.536 octets libres

 

- - End Of File - - CFD48218081FBA0741F38E23F89EF7C3

 

 

Sorry for having fumbled this procedure a bit...

Posted

Hello,

I am going to have to do some research on this fdbbcebe.dll.

In the meantime, let's take stock with a brand-new RSIT, please.

Posted

Hello Pear,

Here is the requested RSIT.

Don't be surprised that some programs listed in the first one are no longer there.

I had to uninstall a few of them to free up space on my C partition, which was becoming too small as the Windows updates accumulated.

So, before getting into enlarging the C partition and shrinking the D one, I did a bit of housekeeping...

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by will at 2010-04-02 13:57:33

Microsoft Windows XP Édition familiale Service Pack 2

System drive C: has 976 MB (12%) free of 8 GB

Total RAM: 238 MB (47% free)

 

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-29 279664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-03-29 812528]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-02 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-02 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-29 279664]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"=Alaunch []

"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-20 98304]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-20 532480]

"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-02-11 155648]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-02-11 118784]

"EPM-DM"=c:\acer\epm\epm-dm.exe [2004-07-14 151552]

"ePowerManagement"=C:\Acer\ePM\ePM.exe [2004-09-01 2876416]

"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2004-07-30 319488]

"YeppStudioAgent"=C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe [2005-09-12 40960]

"Agent"=D:\VCR II\Agent.exe [2002-10-01 94208]

"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-12 68856]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Sitecom Wireless Utility.lnk - C:\Program Files\Sitecom\Common\WLANUtil.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fdbbcebe]

C:\WINDOWS\system32\fdbbcebe.dll [2010-03-31 312847]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxsrvc.dll [2004-02-11 339968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=255

"WizmaxBackup_NoDriveTypeAutoRun"=145

"NoDriveAutoRun"=67108863

"HonorAutoRunSetting"=0

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=

"WizmaxBackup_NoDriveTypeAutoRun"=

"HonorAutoRunSetting"=

"NoDriveAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

======List of files/folders created in the last 1 months======

 

2010-04-02 13:54:53 ----A---- C:\WINDOWS\system32\REN59.tmp

2010-04-02 13:54:53 ----A---- C:\WINDOWS\system32\javaws.exe

2010-04-02 13:54:53 ----A---- C:\WINDOWS\system32\javaw.exe

2010-04-02 13:54:53 ----A---- C:\WINDOWS\system32\java.exe

2010-04-02 13:54:27 ----D---- C:\Program Files\Java

2010-04-02 13:49:31 ----D---- C:\WINDOWS\LastGood

2010-04-02 03:15:02 ----D---- C:\WINDOWS\system32\XPSViewer

2010-04-02 03:14:50 ----D---- C:\Program Files\MSBuild

2010-04-02 03:14:45 ----D---- C:\WINDOWS\system32\en-US

2010-04-02 03:14:28 ----D---- C:\Program Files\Reference Assemblies

2010-04-02 03:13:03 ----N---- C:\WINDOWS\system32\xpsshhdr.dll

2010-04-02 03:13:03 ----N---- C:\WINDOWS\system32\prntvpt.dll

2010-04-02 03:13:01 ----N---- C:\WINDOWS\system32\xpssvcs.dll

2010-04-02 03:03:26 ----HD---- C:\WINDOWS\$NtUninstallWIC$

2010-04-02 03:03:01 ----D---- C:\Program Files\MSXML 6.0

2010-04-02 01:38:37 ----SHD---- C:\Recycled

2010-04-01 23:15:59 ----A---- C:\ComboFix.txt

2010-04-01 23:07:51 ----D---- C:\WINDOWS\temp

2010-04-01 13:58:21 ----HD---- C:\WINDOWS\$NtUninstallKB970430$

2010-04-01 13:57:56 ----HD---- C:\WINDOWS\$NtUninstallKB971737$

2010-03-31 15:25:04 ----A---- C:\TDSSKiller.2.2.8.1_31.03.2010_15.25.04_log.txt

2010-03-31 15:11:07 ----A---- C:\TDSSKiller.2.2.8.1_31.03.2010_15.11.07_log.txt

2010-03-31 15:10:27 ----A---- C:\TDSSKiller.2.2.8.1_31.03.2010_15.10.27_log.txt

2010-03-31 15:09:57 ----A---- C:\TDSSKiller.2.2.8.1_31.03.2010_15.09.57_log.txt

2010-03-31 14:40:32 ----D---- C:\tdsskiller

2010-03-31 14:08:06 ----A---- C:\analyse1.txt

2010-03-31 14:06:00 ----A---- C:\analyse2.txt

2010-03-31 14:03:50 ----A---- C:\analyse3.txt

2010-03-31 03:32:53 ----N---- C:\WINDOWS\system32\browserchoice.exe

2010-03-31 03:14:24 ----HD---- C:\WINDOWS\$NtUninstallKB978262$

2010-03-31 03:14:18 ----HD---- C:\WINDOWS\$NtUninstallKB959426$

2010-03-31 03:13:56 ----HD---- C:\WINDOWS\$NtUninstallKB960859$

2010-03-31 03:13:47 ----HD---- C:\WINDOWS\$NtUninstallKB971468$

2010-03-31 03:13:22 ----HD---- C:\WINDOWS\$NtUninstallKB958869$

2010-03-31 03:13:11 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$

2010-03-31 03:12:58 ----HD---- C:\WINDOWS\$NtUninstallKB955759$

2010-03-31 03:12:42 ----HD---- C:\WINDOWS\$NtUninstallKB974318$

2010-03-31 03:12:27 ----HD---- C:\WINDOWS\$NtUninstallKB969059$

2010-03-31 03:12:07 ----HD---- C:\WINDOWS\$NtUninstallKB978037$

2010-03-31 03:12:01 ----HD---- C:\WINDOWS\$NtUninstallKB975713$

2010-03-31 03:11:55 ----HD---- C:\WINDOWS\$NtUninstallKB971657$

2010-03-31 03:11:13 ----HD---- C:\WINDOWS\$NtUninstallKB977165-v2$

2010-03-31 03:10:50 ----HD---- C:\WINDOWS\$NtUninstallKB960225$

2010-03-31 03:10:42 ----HD---- C:\WINDOWS\$NtUninstallKB972270$

2010-03-31 03:10:33 ----HD---- C:\WINDOWS\$NtUninstallKB974112$

2010-03-31 03:09:48 ----HD---- C:\WINDOWS\$NtUninstallKB956572$

2010-03-31 03:09:35 ----HD---- C:\WINDOWS\$NtUninstallKB956844$

2010-03-31 03:09:29 ----HD---- C:\WINDOWS\$NtUninstallKB961501$

2010-03-31 03:09:18 ----HD---- C:\WINDOWS\$NtUninstallKB968816_WM9$

2010-03-31 03:09:04 ----HD---- C:\WINDOWS\$NtUninstallKB975561$

2010-03-31 03:08:54 ----HD---- C:\WINDOWS\$NtUninstallKB978251$

2010-03-31 03:08:49 ----HD---- C:\WINDOWS\$NtUninstallKB973869$

2010-03-31 03:08:43 ----HD---- C:\WINDOWS\$NtUninstallKB975025$

2010-03-31 03:08:27 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9L$

2010-03-31 03:08:06 ----HD---- C:\WINDOWS\$NtUninstallKB952004$

2010-03-31 03:07:59 ----HD---- C:\WINDOWS\$NtUninstallKB974571$

2010-03-31 03:07:36 ----HD---- C:\WINDOWS\$NtUninstallKB975560$

2010-03-31 03:07:25 ----HD---- C:\WINDOWS\$NtUninstallKB973507$

2010-03-31 03:07:12 ----HD---- C:\WINDOWS\$NtUninstallKB973687$

2010-03-31 03:06:12 ----HD---- C:\WINDOWS\$NtUninstallKB973354$

2010-03-31 03:06:05 ----HD---- C:\WINDOWS\$NtUninstallKB973904$

2010-03-31 03:05:56 ----HD---- C:\WINDOWS\$NtUninstallKB974392$

2010-03-31 03:05:49 ----HD---- C:\WINDOWS\$NtUninstallKB977914$

2010-03-31 03:04:33 ----HD---- C:\WINDOWS\$NtUninstallKB970238$

2010-03-31 03:04:22 ----HD---- C:\WINDOWS\$NtUninstallKB978706$

2010-03-31 03:04:11 ----D---- C:\WINDOWS\ServicePackFiles

2010-03-31 03:04:09 ----HD---- C:\WINDOWS\$NtUninstallKB958470$

2010-03-31 03:04:01 ----HD---- C:\WINDOWS\$NtUninstallKB960803$

2010-03-31 03:03:53 ----HD---- C:\WINDOWS\$NtUninstallKB973815$

2010-03-31 03:03:41 ----D---- C:\WINDOWS\ie8updates

2010-03-31 03:02:51 ----HD---- C:\WINDOWS\$NtUninstallKB979306$

2010-03-31 03:02:23 ----HD---- C:\WINDOWS\$NtUninstallKB923561$

2010-03-31 03:02:16 ----HD---- C:\WINDOWS\$NtUninstallKB975467$

2010-03-31 03:01:46 ----HD---- C:\WINDOWS\$NtUninstallKB968389$

2010-03-31 03:01:27 ----HD---- C:\WINDOWS\$NtUninstallKB969947$

2010-03-31 00:33:02 ----D---- C:\Documents and Settings\All Users\Application Data\Sun

2010-03-31 00:32:59 ----D---- C:\Program Files\Fichiers communs\Java

2010-03-30 23:22:25 ----A---- C:\Usb2Fix.txt

2010-03-30 23:21:10 ----A---- C:\UsbFix.txt

2010-03-30 23:20:18 ----A---- C:\Usb1Fix.txt

2010-03-30 23:00:10 ----RAD---- C:\autorun.inf

2010-03-30 22:44:24 ----D---- C:\UsbFix

2010-03-30 21:59:44 ----D---- C:\Documents and Settings\All Users\Application Data\open-config

2010-03-29 10:24:54 ----D---- C:\Program Files\trend micro

2010-03-29 10:24:53 ----D---- C:\rsit

2010-03-29 09:50:02 ----D---- C:\Program Files\ZHPDiag

2010-03-29 08:28:30 ----D---- C:\WINDOWS\WBEM

2010-03-29 08:26:27 ----HD---- C:\WINDOWS\ie8

2010-03-29 08:26:27 ----D---- C:\WINDOWS\system32\fr-FR

2010-03-29 07:15:46 ----D---- C:\Program Files\VS Revo Group

2010-03-29 06:35:00 ----D---- C:\WINDOWS\system32\LogFiles

2010-03-29 06:34:30 ----A---- C:\WINDOWS\system32\deploytk.dll

2010-03-29 06:15:09 ----D---- C:\Program Files\microsoft frontpage

2010-03-29 06:10:37 ----A---- C:\Boot.bak

2010-03-29 06:10:34 ----RASHD---- C:\cmdcons

2010-03-29 06:09:27 ----A---- C:\WINDOWS\zip.exe

2010-03-29 06:09:27 ----A---- C:\WINDOWS\SWREG.exe

2010-03-29 06:09:27 ----A---- C:\WINDOWS\sed.exe

2010-03-29 06:09:27 ----A---- C:\WINDOWS\PEV.exe

2010-03-29 06:09:27 ----A---- C:\WINDOWS\NIRCMD.exe

2010-03-29 06:09:27 ----A---- C:\WINDOWS\MBR.exe

2010-03-29 06:09:27 ----A---- C:\WINDOWS\grep.exe

2010-03-29 06:09:26 ----A---- C:\WINDOWS\SWXCACLS.exe

2010-03-29 06:09:26 ----A---- C:\WINDOWS\SWSC.exe

2010-03-29 06:09:23 ----D---- C:\WINDOWS\ERDNT

2010-03-29 06:09:13 ----AD---- C:\Qoobox

2010-03-29 05:53:07 ----A---- C:\WINDOWS\system32\MRT.exe

2010-03-29 03:15:45 ----A---- C:\WINDOWS\Awpr.ini

2010-03-28 19:12:27 ----A---- C:\WINDOWS\ntbtlog.txt

 

======List of files/folders modified in the last 1 months======

 

2010-04-02 03:58:18 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt

2010-04-02 03:26:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-04-02 02:25:02 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-04-01 23:10:38 ----A---- C:\WINDOWS\system.ini

2010-04-01 13:58:28 ----A---- C:\WINDOWS\imsins.BAK

2010-03-31 14:27:20 ----A---- C:\WINDOWS\system32\fdbbcebe.dll

2010-03-29 06:10:38 ----RASH---- C:\boot.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]

R1 SMBHC;Pilote de contrôleur hôte du bus de gestion du système Microsoft; C:\WINDOWS\system32\DRIVERS\SMBHC.sys [2001-08-17 6784]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-21 21419]

R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []

R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []

R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-10 11043]

R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-27 44032]

R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-04-30 292352]

R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-04-30 274688]

R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2002-11-20 17983]

R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-11 1041536]

R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-11 199552]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-11 681469]

R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2004-09-20 6912]

R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]

R3 SMBBATT;Pilote de batterie intelligente Microsoft; C:\WINDOWS\system32\DRIVERS\SMBBATT.sys [2004-08-03 16128]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-20 184768]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-11 682624]

S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]

S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-05-15 745984]

S3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-23 175360]

S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-05 17024]

S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-05 100992]

S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]

S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-05 18944]

S3 catchme;catchme; \??\C:\will\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]

S3 DCamUSBEMPIA;Hercules Smart TV USB2; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-03-23 100925]

S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-08-05 19200]

S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]

S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]

S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]

S3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]

S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-05 59648]

S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2007-04-25 485248]

S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]

S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]

S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]

S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]

S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]

S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]

S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]

S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-03-23 4493]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]

S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2005-08-26 68230]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]

S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-05-26 67584]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]

S3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2915ABG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-08-20 3210496]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-05 73600]

S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-02 153376]

S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-05-15 376832]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-29 135664]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-29 182768]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

Have a good day.

See you later.

Posted (edited)

The Running Process (HijackThis) part of the report is missing.

I see that you have the Windows updates.

They take up space needlessly, whereas CCleaner sorts that out:

Download CCleaner

and install it.

During installation, remember to untick the Yahoo toolbar installation that is discreetly offered alongside CCleaner.

Launch it by double-clicking CCleaner.exe

-=Deleting temporary files=-

* In the "Options" section in the left margin, go to "Advanced" and untick "Only delete files in the Windows Temp folder older than 24 hours".

In the "Cleaner" section

* Tick all the boxes in the left margin for Internet Explorer and Windows Explorer

Do the same for System, except the last 2

Under Advanced, tick only the last 3.

* Click Analyze

* The scan may take a little while if this is the first time.

* Once the scan has finished, click Run Cleaner

Avoid using the Registry cleaner, which, to gain you a few microseconds, risks destabilising your system.

Edited by pear
Posted

Pear,

 

I ran CCleaner; it freed up 444 MB. I will be able to re-enable System Restore.

As for RSIT, it says it launches HJT, but apparently HJT does not run.

(It isn't in the info part after all, is it?)

But it did accept ZHPDiag, and here is its report:

 

Rapport de ZHPDiag v1.25.1341 par Nicolas Coolman

Run by will at 2/04/2010 18:46:31

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

 

---\\ System Information

Platform : Microsoft Windows XP (5.1.2600) Service Pack 3

Processor: x86 Family 6 Model 9 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 238 MB (36% free)

System drive C: has 1 GB (8%) free of 8 GB

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 8 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 13 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 14 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

 

 

---\\ Processus lancés

[MD5.6DC4A31EC070A6696D4BDB351C336482] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98304]

[MD5.E24641EBCD05F55825516F816BB29272] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [532480]

[MD5.D24B9B36C06CA0ACF7CA2C69D9BB25B5] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [155648]

[MD5.66A5047DF0C0CEC911B95B5B1E24CEBC] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [118784]

[MD5.DD1B2BD5DCBF614E91BD12814607DB70] - (.Acer Value Labs, USA - Acer EPM Device Manager.) -- c:\acer\epm\epm-dm.exe [151552]

[MD5.3C3D3423AD2F3182FAAF7EBF3FACAB37] - (.Acer Value Labs, Taiwan - Acer ePowerManagement.) -- C:\Acer\ePM\ePM.exe [2876416]

[MD5.2C6C2E36E3879759CE3CCA26999EEF43] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZgAcer.exe [319488]

[MD5.1A0A509A340E3CC23CFB0C5C44403A41] - (.Pas de propriétaire - SamsungMediaStudioAgent.) -- C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe [40960]

[MD5.51E2FF8A630A6CC96581842CEE132864] - (.CyberLink - PVCR2 Scheduler Agent.) -- D:\VCR II\Agent.exe [94208]

[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040]

[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]

[MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]

[MD5.9435C1C2D2111573111367F92F208C1F] - (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [437160]

[MD5.C10D0FAE427EA464EDEA2EE5DC40F056] - (.OSA Technologies Inc. - Service Program for Acer eManager.) -- C:\Acer\eManager\anbmServ.exe [1287168]

[MD5.59D1A07A686D994838AEE1DB258E3654] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Ati2evxx.exe [376832]

[MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336]

[MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104]

[MD5.305687EB8C8E0A12A0B2BAE387B6E466] - (.Microsoft Corporation - Service de télécopie.) -- C:\WINDOWS\system32\fxssvc.exe [268800]

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]

[MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]

[MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [synTPLpr] . (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [EPM-DM] . (.Acer Value Labs, USA - Acer EPM Device Manager.) -- c:\acer\epm\epm-dm.exe

O4 - HKLM\..\Run: [ePowerManagement] . (.Acer Value Labs, Taiwan - Acer ePowerManagement.) -- C:\Acer\ePM\ePM.exe

O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZgAcer.exe

O4 - HKLM\..\Run: [YeppStudioAgent] . (.Pas de propriétaire - SamsungMediaStudioAgent.) -- C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe

O4 - HKLM\..\Run: [Agent] . (.CyberLink - PVCR2 Scheduler Agent.) -- D:\VCR II\Agent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - Global Startup: Sitecom Wireless Utility.lnk . (.Sitecom - Sitecom Wireless Utility.) -- C:\Program Files\Sitecom\Common\WLANUtil.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - (.not file.) - https:\\fpdownload.macromedia.com\get\shockwave\cabs\flash\swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: fdbbcebe . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\fdbbcebe.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\System32\igfxsrvc.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Notebook Manager Service (anbmService) . (.OSA Technologies Inc. - Service Program for Acer eManager.) - C:\Acer\eManager\anbmServ.exe

O23 - Service: (Ati HotKey Poller) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf

O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Acer eManager for Notebook - (.Acer Inc..)

O42 - Logiciel: Acer ePowerManagement - (.Pas de propriétaire.)

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.)

O42 - Logiciel: Apple Software Update - (.Apple Computer, Inc..)

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.)

O42 - Logiciel: CCleaner - (.Piriform.)

O42 - Logiciel: Conexant AC-Link Audio - (.Pas de propriétaire.)

O42 - Logiciel: Disc2Phone - (.Pas de propriétaire.)

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..)

O42 - Logiciel: Google Update Helper - (.Google Inc..)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.)

O42 - Logiciel: Intel® Extreme Graphics 2 Driver - (.Pas de propriétaire.)

O42 - Logiciel: Java 6 Update 19 - (.Sun Microsystems, Inc..)

O42 - Logiciel: Launch Manager - (.Pas de propriétaire.)

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.)

O42 - Logiciel: PowerVCR II - (.Pas de propriétaire.)

O42 - Logiciel: Sitecom Wireless-N Network USB Adapter WL-182 - (.Sitecom.)

O42 - Logiciel: SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.)

O42 - Logiciel: Synaptics Pointing Device Driver - (.Pas de propriétaire.)

O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers. - (.Texas Instruments Inc..)

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.)

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.)

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.)

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.)

 

 

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services

O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\CONEXANT

O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics

O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Inc

O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink

O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems

O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group

O43 - CFD:Common File Directory ----D- C:\Program Files\Launch Manager

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung

O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Sony

O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Sitecom

O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache

O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Teleca Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Panda Software

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 1/04/2010 - 22:10:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [227]

O44 - LFC:[MD5.23E627B427E9F34B5312EFF19F7BAB0D] - 1/04/2010 - 22:16:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ComboFix.txt [11725]

O44 - LFC:[MD5.B58BEB5146489529D9C62B02635EC212] - 1/04/2010 - 23:33:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\rkill.log [421]

O44 - LFC:[MD5.A6BB90198FBDBEF66C6FF43CA5368E7F] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728]

O44 - LFC:[MD5.FA8D8FA6C60AB99C07693560842C9BB6] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\deploytk.dll [411368]

O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]

O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]

O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376]

O44 - LFC:[MD5.CE74891EB2FD45778FA628D62410FB69] - 2/04/2010 - 13:19:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1055810]

O44 - LFC:[MD5.8E53FB3B5D53E77DF7496EAC618C8D82] - 2/04/2010 - 13:19:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [68318]

O44 - LFC:[MD5.F2699BA0B74FB825401DC1C11CB0BCCF] - 2/04/2010 - 13:19:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [81816]

O44 - LFC:[MD5.E7BED9747B139618E9006A6B56C017D0] - 2/04/2010 - 13:19:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [434032]

O44 - LFC:[MD5.EA3CF9E098114D70D74E04171CC7CA24] - 2/04/2010 - 13:19:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [502688]

O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 2/04/2010 - 13:52:14 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\ntldr [252240]

O44 - LFC:[MD5.873EA3362AA6AC9B704F6C27D2CC7445] - 2/04/2010 - 14:17:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bthservsdp.dat [12]

O44 - LFC:[MD5.C17762569E20CFED6320FDDF6474D130] - 2/04/2010 - 14:19:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [192976]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 2/04/2010 - 14:19:36 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.5D3207B10F6CBA958E5EC5E515F7FAFD] - 2/04/2010 - 14:20:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [1158]

O44 - LFC:[MD5.B360014C102A7C7837E8F6D7FB54F232] - 2/04/2010 - 14:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\spupdwxp.log [269]

O44 - LFC:[MD5.317CF1397F2BDD81C2482E96603DA90C] - 2/04/2010 - 14:20:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt [4428]

O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 2/04/2010 - 14:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WMSysPr9.prx [316640]

O44 - LFC:[MD5.0D2949BB235EEBCB0357256A5409656E] - 29/03/2010 - 2:15:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Awpr.ini [68]

O44 - LFC:[MD5.395B22A836F8FD8D8E32CD1B355D51D4] - 29/03/2010 - 4:53:07 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\WINDOWS\System32\MRT.exe [31648712]

O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 29/03/2010 - 5:09:26 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704]

O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 29/03/2010 - 5:09:26 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480]

O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 29/03/2010 - 5:09:27 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232]

O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312]

O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412]

O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816]

O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096]

O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 29/03/2010 - 5:09:27 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792]

O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 29/03/2010 - 5:10:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cmldr [263488]

O44 - LFC:[MD5.574C94EED8119C6860546294753EC938] - 29/03/2010 - 5:10:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Boot.bak [216]

O44 - LFC:[MD5.1D0D125513BB0F3332847F674956C847] - 29/03/2010 - 5:10:38 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [286]

O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 29/03/2010 - 8:05:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\CONFIG.NT [3072]

O44 - LFC:[MD5.1E9AC79AB02F692ECFC9E5BE7AE587EB] - 31/03/2010 - 2:02:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [214114]

O44 - LFC:[MD5.71EB191C1FE3511EEA786174327E0E94] - 31/03/2010 - 14:25:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.25.04_log.txt [30754]

O44 - LFC:[MD5.32A978AE2B730F6411804AFF137FB4D9] - 31/03/2010 - 14:11:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.11.07_log.txt [30754]

O44 - LFC:[MD5.7394812FC86B7BDC76EA1AAE5610F2D5] - 31/03/2010 - 14:10:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.10.27_log.txt [30754]

O44 - LFC:[MD5.422E20FC13882D6540C2010A579DED6B] - 31/03/2010 - 14:10:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.09.57_log.txt [34528]

O44 - LFC:[MD5.4AE867312CC8BA4D2955417DDD42947A] - 31/03/2010 - 13:08:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\analyse1.txt [4791]

O44 - LFC:[MD5.0F377EC604449581050B01D6D6DD3712] - 31/03/2010 - 13:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\analyse2.txt [4037]

O44 - LFC:[MD5.F5AA13A28E46D685DC76ABB6B8E4A310] - 31/03/2010 - 13:03:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\analyse3.txt [4487]

O44 - LFC:[MD5.A068AC21ACA263F5D6D545B0AC9EEE65] - 30/03/2010 - 23:34:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\JavaRa.log [6114]

O44 - LFC:[MD5.352CAAA798775CF26DDB3737FBA79278] - 30/03/2010 - 22:22:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Usb2Fix.txt [1151]

O44 - LFC:[MD5.352CAAA798775CF26DDB3737FBA79278] - 30/03/2010 - 22:21:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [1151]

O44 - LFC:[MD5.2868592FFACA673C159CF7EF782F3DCC] - 30/03/2010 - 22:20:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Usb1Fix.txt [4081]

O44 - LFC:[MD5.82F2708964443340D835A5A5761E5ADC] - 30/03/2010 - 22:00:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix_Upload_Me_ACER-86ABAAF10A.zip [489952]

O44 - LFC:[MD5.A64BAF3A7D0F36E77AB34B88AE9CAE93] - 30/03/2010 - 18:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Raccourci vers ACERDATA (D).lnk [187]

O44 - LFC:[MD5.7CA96386C782237988592EB606CED583] - 12/03/2010 - 17:02:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [261632]

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\BLASTCLN.EXE-32F30471.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\MOFCOMP.EXE-266B2314.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\MSDTC.EXE-1D9D8668.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-396DEA2C.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-6A09524A.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-02740A4B.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:56 ---A- C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-286C3734.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:56 ---A- C:\WINDOWS\Prefetch\WSCNTFY.EXE-0B14C27D.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:58 ---A- C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:00 ---A- C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:06 ---A- C:\WINDOWS\Prefetch\LOGAGENT.EXE-2BE87CC2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:10 ---A- C:\WINDOWS\Prefetch\MIGRATE.EXE-065C8435.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:34 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-5E6ADB37.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:34 ---A- C:\WINDOWS\Prefetch\UNREGMP2.EXE-0CFB0619.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:38 ---A- C:\WINDOWS\Prefetch\SETUP50.EXE-2911CBB9.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:38 ---A- C:\WINDOWS\Prefetch\SHMGRATE.EXE-2DD3E4D8.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:50 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:54 ---A- C:\WINDOWS\Prefetch\ALAUNCH.EXE-145B15F4.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:00 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\HKCMD.EXE-0F06AE14.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\IGFXTRAY.EXE-0A23D403.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B866543.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\SYNTPENH.EXE-2B70B91C.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\SYNTPLPR.EXE-0340D8DF.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:06 ---A- C:\WINDOWS\Prefetch\EPM-DM.EXE-1C692784.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:06 ---A- C:\WINDOWS\Prefetch\EPM.EXE-37629B5F.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:10 ---A- C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:10 ---A- C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:14 ---A- C:\WINDOWS\Prefetch\CSCRIPT.EXE-0A13A05C.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:14 ---A- C:\WINDOWS\Prefetch\WLANUTIL.EXE-0AECB705.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:16 ---A- C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:38 ---A- C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:54 ---A- C:\WINDOWS\Prefetch\MBAM-SETUP.EXE-20D86F62.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:54 ---A- C:\WINDOWS\Prefetch\MBAM-SETUP.TMP-0882E2D7.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:24:20 ---A- C:\WINDOWS\Prefetch\WMIADAP.EXE-32F99497.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:32:00 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-6DF739B2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:32:06 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:42:08 ---A- C:\WINDOWS\Prefetch\MSCORSVW.EXE-310BC412.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 16:01:14 ---A- C:\WINDOWS\Prefetch\Layout.ini

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 16:01:24 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 16:01:26 ---A- C:\WINDOWS\Prefetch\DFRGFAT.EXE-22605FE5.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 16:13:44 ---A- C:\WINDOWS\Prefetch\ACER.SCR-2DFB4018.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:14:02 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-160E1F62.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:20:24 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:22:48 ---A- C:\WINDOWS\Prefetch\CCSETUP230[1].EXE-32EB1F83.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:23:42 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:29:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3CC54DC9.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:29:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-488E2468.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:36:12 ---A- C:\WINDOWS\Prefetch\RSIT.EXE-03DC5858.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:36:14 ---A- C:\WINDOWS\Prefetch\WILL.EXE-0A62860B.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:36:20 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:43:40 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:45:08 ---A- C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-3B7F4DC2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:46:24 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25C13877.pf

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\livecall.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\livecall.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKCU\...\Policies\Explorer] - "WizmaxBackup_NoDriveTypeAutoRun"=145

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKCU\...\Policies\Explorer] - "HonorAutoRunSetting"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoCDBurning"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "WizmaxBackup_NoDriveTypeAutoRun"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 5/08/2004 - 4:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 5/08/2004 - 4:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 5/08/2004 - 4:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 5/08/2004 - 4:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 5/08/2004 - 4:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.2F25457FEC1404470843D8B930EA00B9] - 15/05/2004 - 21:41:40 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

O58 - SDL:[MD5.B9543B0C771FEAB7CA095303007A159C] - 23/05/2003 - 0:47:12 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver..) -- C:\WINDOWS\system32\drivers\b57xp32.sys

O58 - SDL:[MD5.960CE9B896750CC02FE5F1103CC23460] - 20/08/2004 - 23:41:46 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\WINDOWS\system32\drivers\w29n51.sys

O58 - SDL:[MD5.B1DFE92234A62AB304DDC033F4EDFDB1] - 14/08/2004 - 19:59:00 ---A- . (.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) -- C:\WINDOWS\system32\drivers\epm-shd.sys

O58 - SDL:[MD5.DA58A8BE6A445835F603720C4BC8837E] - 11/02/2004 - 1:17:06 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys

O58 - SDL:[MD5.D68564FCFBDFC04280CDBBB37CF7EF7F] - 19/07/2004 - 12:10:00 ---A- . (.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) -- C:\WINDOWS\system32\drivers\epm-psd.sys

O58 - SDL:[MD5.96A48BDA68BF734AAE79F910AB884A34] - 20/11/2002 - 15:29:12 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS

O58 - SDL:[MD5.5A94E9D6E2716E38183959D8F4C2A5A9] - 30/04/2004 - 4:09:20 ---A- . (.Conexant Systems Inc. - Conexant WDM AC97 Audio Driver.) -- C:\WINDOWS\system32\drivers\camcaud.sys

O58 - SDL:[MD5.E7E737BC125D6BEB50669FF4B61CED19] - 30/04/2004 - 4:10:06 ---A- . (.Conexant Systems Inc. - Conexant AmcHal Driver.) -- C:\WINDOWS\system32\drivers\camchal.sys

O58 - SDL:[MD5.2A8C145E9E9E63B0071DA4F35544AB9D] - 11/03/2004 - 1:37:26 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys

O58 - SDL:[MD5.EECF0C3B62040F26C62B6579794C702E] - 11/03/2004 - 1:40:28 ---A- . (.Conexant Systems, Inc. - HSFHWICH WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys

O58 - SDL:[MD5.4683B5D9566B8653D4580C407C8D0FBC] - 11/03/2004 - 1:35:48 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys

O58 - SDL:[MD5.EEAEA6514BA7C9D273B5E87C4E1AAB30] - 10/04/2003 - 3:48:08 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys

O58 - SDL:[MD5.6C218301F37CB01AA29DD9AE688653BD] - 20/05/2004 - 18:52:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys

O58 - SDL:[MD5.FCBAF94B58AD03ACA117C7DF0EB5F446] - 26/05/2004 - 9:07:30 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\WINDOWS\system32\drivers\tifm21.sys

O58 - SDL:[MD5.15A72D5B8F0B6A718207F14BD5EBB8FF] - 20/09/2004 - 10:31:54 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys

O58 - SDL:[MD5.E0A95C9849E07B483AB01A6408C41FB9] - 1/06/2004 - 10:50:50 ---A- . (.Windows ® 2000 DDK provider - Windows I/O Port Driver.) -- C:\WINDOWS\system32\drivers\osaio.sys

O58 - SDL:[MD5.5483AFEBD0E99E4CA7D31185B716296A] - 1/06/2004 - 10:50:50 ---A- . (.Windows ® 2000 DDK provider - Windows int15 Driver.) -- C:\WINDOWS\system32\drivers\osanbm.sys

O58 - SDL:[MD5.8C156E6B568AA927EB5DEADEB870BDD2] - 19/06/2007 - 8:51:16 R--A- . (.MCCI Corporation - Sony Ericsson Device 816.) -- C:\WINDOWS\system32\drivers\s816bus.sys

O58 - SDL:[MD5.E727776A56A51B7E6B7C87C02EA8B405] - 27/09/2003 - 0:41:12 ---A- . (.Broadcom Corporation - Broadcom Corporation NDIS 5.1 ethernet driver.) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys

O58 - SDL:[MD5.1EF6E1AD4DD3EFB3785E4479DDBAD80B] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816wh.sys

O58 - SDL:[MD5.1EF6E1AD4DD3EFB3785E4479DDBAD80B] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816whnt.sys

O58 - SDL:[MD5.94306F371A6FF8B690BEA81157111B3B] - 19/06/2007 - 8:51:20 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\drivers\s816mdm.sys

O58 - SDL:[MD5.84BC77966D49536DE92662EF0CA0A43D] - 19/06/2007 - 8:51:16 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816cm.sys

O58 - SDL:[MD5.84BC77966D49536DE92662EF0CA0A43D] - 19/06/2007 - 8:51:16 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816cmnt.sys

O58 - SDL:[MD5.D4ED429953A2B8B09C702805813A26C8] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\s816mdfl.sys

O58 - SDL:[MD5.2ADC0CA9945C65284B3D19BC18765974] - 13/04/2008 - 18:54:36 ---A- . (.National Semiconductor Corporation - NSC Fast Infrared Driver..) -- C:\WINDOWS\system32\drivers\nscirda.sys

O58 - SDL:[MD5.8EACD5E46764463E75F171D9BF305348] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\drivers\s816obex.sys

O58 - SDL:[MD5.FAFDD00ABAD1B6029BF7F4067764AB41] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\drivers\s816mgmt.sys

O58 - SDL:[MD5.E2090B041B935430ABC8E184B7D6CD75] - 19/06/2007 - 8:51:18 R--A- . (.MCCI - Sony Ericsson Device 816 USB Ethernet Emulation.) -- C:\WINDOWS\system32\drivers\s816unic.sys

O58 - SDL:[MD5.B7949BEDDF8B9AFDEBC43787ED0EB72A] - 19/06/2007 - 8:51:08 R--A- . (.MCCI Corporation - Sony Ericsson Device 916 USB Ethernet Emulation (WDM class regi.) -- C:\WINDOWS\system32\drivers\s816cr.sys

O58 - SDL:[MD5.FD0D1E39CB22558D79BFF59B66A5874A] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 916 USB Ethernet Emulation (NDIS 5 Minipor.) -- C:\WINDOWS\system32\drivers\s816nd5.sys

O58 - SDL:[MD5.15E655BAA989444F56787EF558823643] - 21/08/2008 - 19:50:52 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys

O58 - SDL:[MD5.F754D8CD912DE9C82019AFEE33CFF0C1] - 25/04/2007 - 12:47:42 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2870.sys

O58 - SDL:[MD5.1813ECF21A11A4A8FE59C3A0F7975753] - 23/03/2004 - 17:18:44 R--A- . (.eMPIA Technology, Inc. - USB 28xx WDM Driver.) -- C:\WINDOWS\system32\drivers\emDevice.sys

O58 - SDL:[MD5.F8F262C50E7CBFC2C9C5ED6FCF0A7866] - 23/03/2004 - 17:18:38 R--A- . (.eMPIA Technology, Inc. - USB 28xx WDM Driver Library.) -- C:\WINDOWS\system32\drivers\emStream.sys

O58 - SDL:[MD5.56E6C458042B3BDE1F3D0202E1085C1F] - 23/03/2004 - 17:18:32 R--A- . (.eMPIA Technology, Inc. - USB 28xx WDM Upper Filter.) -- C:\WINDOWS\system32\drivers\emScan.sys

O58 - SDL:[MD5.694D14543FF884F00012534F790F8E73] - 5/08/2004 - 11:35:24 R--A- . (.eMPIA Technology Inc. - EM27xx / EM28xx Filter Driver.) -- C:\WINDOWS\system32\drivers\emFilter.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 10:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 1/04/2010 - 14:43:38 ---A- C:\Documents And Settings\All Users\Bureau\Choix de navigateur .lnk

O61 - LFC:Last File Created 1/04/2010 - 18:24:28 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000005.png

O61 - LFC:Last File Created 1/04/2010 - 18:24:28 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000005

O61 - LFC:Last File Created 1/04/2010 - 21:39:50 ---A- C:\Documents And Settings\will\Bureau\lcfog.txt

O61 - LFC:Last File Created 1/04/2010 - 22:00:20 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\tabiconcache.dat

O61 - LFC:Last File Created 1/04/2010 - 22:13:28 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\SpecificMPM_log.txt

O61 - LFC:Last File Created 1/04/2010 - 22:13:28 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\tlib.info

O61 - LFC:Last File Created 2/04/2010 - 0:38:14 -SHA- C:\Documents And Settings\All Users\Documents\Mes images\Échantillons d'images\Thumbs.db

O61 - LFC:Last File Created 2/04/2010 - 0:40:10 -SHA- C:\Documents And Settings\will\Mes documents\Mes images\Thumbs.db

O61 - LFC:Last File Created 2/04/2010 - 0:41:24 ---A- C:\Documents And Settings\will\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

O61 - LFC:Last File Created 2/04/2010 - 0:41:28 -SHA- C:\Documents And Settings\will\Mes documents\Ma musique\Thumbs.db

O61 - LFC:Last File Created 2/04/2010 - 12:35:42 ---A- C:\Documents And Settings\will\Application Data\Microsoft\MMC\dfrg

O61 - LFC:Last File Created 2/04/2010 - 12:40:38 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\F78CAE5D65CB8F387E2E0E15EF7E4AE3

O61 - LFC:Last File Created 2/04/2010 - 12:40:38 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\F78CAE5D65CB8F387E2E0E15EF7E4AE3

O61 - LFC:Last File Created 2/04/2010 - 12:43:50 ---A- C:\Documents And Settings\will\Mes documents\Mes fichiers reçus\1270208322568-integrated.jnlp

O61 - LFC:Last File Created 2/04/2010 - 12:55:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\AU\au.cab

O61 - LFC:Last File Created 2/04/2010 - 12:55:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\AU\au.msi

O61 - LFC:Last File Created 2/04/2010 - 12:55:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-56db0649.idx

O61 - LFC:Last File Created 2/04/2010 - 12:55:26 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-588ec790.idx

O61 - LFC:Last File Created 2/04/2010 - 12:55:38 ---A- C:\Documents And Settings\All Users\Application Data\Sun\Java\Java Update\jaureglist.xml

O61 - LFC:Last File Created 2/04/2010 - 12:56:00 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-2f727378.idx

O61 - LFC:Last File Created 2/04/2010 - 12:56:02 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b.idx

O61 - LFC:Last File Created 2/04/2010 - 12:56:02 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e.idx

O61 - LFC:Last File Created 2/04/2010 - 12:56:52 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\deployment.properties

O61 - LFC:Last File Created 2/04/2010 - 12:59:56 ---A- C:\Documents And Settings\will\Favoris\Zebulon.fr Le site de l'optimisation PC et Windows.url

O61 - LFC:Last File Created 2/04/2010 - 13:00:28 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000004.png

O61 - LFC:Last File Created 2/04/2010 - 13:00:28 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000004

O61 - LFC:Last File Created 2/04/2010 - 13:24:34 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

O61 - LFC:Last File Created 2/04/2010 - 13:24:34 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

O61 - LFC:Last File Created 2/04/2010 - 14:01:06 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Connexion Bureau à distance.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:01:44 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Configurer les programmes par défaut.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:01:44 -SHA- C:\Documents And Settings\All Users\Menu Démarrer\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:05:12 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Assistant Transfert de fichiers Bluetooth.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:05:26 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Assistant Réseau sans fil.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:05:26 -SHA- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:16:38 --HA- C:\Documents And Settings\will\Local Settings\Application Data\IconCache.db

O61 - LFC:Last File Created 2/04/2010 - 14:17:06 -SH-- C:\Documents And Settings\will\ntuser.ini

O61 - LFC:Last File Created 2/04/2010 - 14:19:42 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:19:44 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:19:54 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat

O61 - LFC:Last File Created 2/04/2010 - 14:19:54 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 2/04/2010 - 14:20:04 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat

O61 - LFC:Last File Created 2/04/2010 - 14:20:04 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 2/04/2010 - 14:20:04 -SHA- C:\Documents And Settings\NetworkService\IETldCache\index.dat

O61 - LFC:Last File Created 2/04/2010 - 14:20:26 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\schema.ini

O61 - LFC:Last File Created 2/04/2010 - 14:21:30 ---A- C:\Documents And Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD

O61 - LFC:Last File Created 2/04/2010 - 14:21:30 ---A- C:\Documents And Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML

O61 - LFC:Last File Created 2/04/2010 - 14:21:34 -SHA- C:\Documents And Settings\will\Local Settings\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:21:36 -SHA- C:\Documents And Settings\will\Application Data\Microsoft\Credentials\S-1-5-21-3390237254-3470469722-1054105476-1005\Credentials

O61 - LFC:Last File Created 2/04/2010 - 14:21:36 -SHA- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3390237254-3470469722-1054105476-1005\Credentials

O61 - LFC:Last File Created 2/04/2010 - 14:21:54 -SHA- C:\Documents And Settings\will\Local Settings\Historique\History.IE5\MSHist012010040220100403\index.dat

O61 - LFC:Last File Created 2/04/2010 - 14:21:56 ---A- C:\Documents And Settings\LocalService\Menu Démarrer\Programmes\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:06 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD

O61 - LFC:Last File Created 2/04/2010 - 14:22:06 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Bureau\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Outlook Express.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 -SHA- C:\Documents And Settings\will\Menu Démarrer\Programmes\Accessoires\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 -SHA- C:\Documents And Settings\will\Menu Démarrer\Programmes\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:23:14 --HA- C:\Documents And Settings\Default User\NTUSER.DAT

O61 - LFC:Last File Created 2/04/2010 - 14:23:14 --HA- C:\Documents And Settings\Default User\ntuser.dat.LOG

O61 - LFC:Last File Created 2/04/2010 - 14:23:20 --HA- C:\Documents And Settings\Administrateur\NTUSER.DAT

O61 - LFC:Last File Created 2/04/2010 - 14:23:20 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG

O61 - LFC:Last File Created 2/04/2010 - 14:23:24 ---A- C:\Documents And Settings\Administrateur.ACER-86ABAAF10A\ntuser.dat

O61 - LFC:Last File Created 2/04/2010 - 14:23:24 --HA- C:\Documents And Settings\Administrateur.ACER-86ABAAF10A\ntuser.dat.LOG

O61 - LFC:Last File Created 2/04/2010 - 14:50:12 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000003.png

O61 - LFC:Last File Created 2/04/2010 - 14:50:12 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000003

O61 - LFC:Last File Created 2/04/2010 - 17:21:10 -SHA- C:\Documents And Settings\will\IECompatCache\index.dat

O61 - LFC:Last File Created 2/04/2010 - 17:21:10 -SHA- C:\Documents And Settings\will\IETldCache\index.dat

O61 - LFC:Last File Created 2/04/2010 - 17:21:10 -SHA- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat

O61 - LFC:Last File Created 2/04/2010 - 17:21:10 -SHA- C:\Documents And Settings\will\PrivacIE\index.dat

O61 - LFC:Last File Created 2/04/2010 - 17:23:24 ---A- C:\Documents And Settings\will\Bureau\CCleaner.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:23:40 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE93FC10-3E73-11DF-A696-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 17:23:40 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{5DDF9F2E-3B01-11DF-A685-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 17:23:40 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{172A29C0-3E74-11DF-A696-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 17:29:44 -SHA- C:\Documents And Settings\will\Recent\Desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 17:29:50 -SH-- C:\Documents And Settings\will\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 17:34:00 ---A- C:\Documents And Settings\will\Cookies\will@zebulon[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:02 ---A- C:\Documents And Settings\will\Application Data\Macromedia\Flash Player\#SharedObjects\KRYY3V4C\cdn5.specificclick.net\img\gu.sol

O61 - LFC:Last File Created 2/04/2010 - 17:34:02 ---A- C:\Documents And Settings\will\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn5.specificclick.net\settings.sol

O61 - LFC:Last File Created 2/04/2010 - 17:34:02 ---A- C:\Documents And Settings\will\Cookies\will@xiti[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@a2dfp[2].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@adviva[2].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@cdn5.specificclick[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@doubleclick[2].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@forum.zebulon[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@fr.a2dfp[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@imageshack[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@specificclick[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:36 ---A- C:\Documents And Settings\will\Favoris\Kmasirumecahal.dll je l'ai rencontré !! - Forums Zebulon.fr.url

O61 - LFC:Last File Created 2/04/2010 - 17:36:12 ---A- C:\Documents And Settings\will\Cookies\index.dat

O61 - LFC:Last File Created 2/04/2010 - 17:36:12 ---A- C:\Documents And Settings\will\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 2/04/2010 - 17:42:04 ---A- C:\Documents And Settings\will\Recent\info.txt.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:43:30 ---A- C:\Documents And Settings\will\Recent\log.txt.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:43:30 ---A- C:\Documents And Settings\will\Recent\rsit.lnk

O61 - LFC:Last File Created 2/04/2010 - 1:18:20 ---A- C:\Documents And Settings\will\Mes documents\Mes dossiers de partage.lnk

O61 - LFC:Last File Created 2/04/2010 - 1:21:06 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\HookStarter_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:21:06 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\appLauncher_all_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:21:38 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DM_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:12 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FMOBEX_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:14 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FMOBEXSERVER_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:18 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DDPOBEXCAP_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:20 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\common_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:24:32 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FM_log.txt

O61 - LFC:Last File Created 2/04/2010 - 2:10:22 -SH-- C:\Documents And Settings\Default User\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 2:30:36 ---A- C:\Documents And Settings\Default User\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 2/04/2010 - 2:30:36 -SHA- C:\Documents And Settings\Default User\Cookies\index.dat

O61 - LFC:Last File Created 30/03/2010 - 18:39:02 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D

O61 - LFC:Last File Created 30/03/2010 - 18:39:02 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D

O61 - LFC:Last File Created 30/03/2010 - 18:39:04 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\D0F063B6B88A2B8BFE21C3993A613447

O61 - LFC:Last File Created 30/03/2010 - 18:39:04 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\D0F063B6B88A2B8BFE21C3993A613447

O61 - LFC:Last File Created 30/03/2010 - 20:34:42 ---A- C:\Documents And Settings\will\Bureau\regis.reg

O61 - LFC:Last File Created 30/03/2010 - 20:45:40 ---A- C:\Documents And Settings\will\Bureau\MKV.exe

O61 - LFC:Last File Created 30/03/2010 - 20:47:04 ---A- C:\Documents And Settings\will\Bureau\Open-config.exe

O61 - LFC:Last File Created 30/03/2010 - 20:56:58 ---A- C:\Documents And Settings\will\Bureau\TFC.exe

O61 - LFC:Last File Created 30/03/2010 - 20:57:50 ---A- C:\Documents And Settings\will\Bureau\JavaRa.zip

O61 - LFC:Last File Created 30/03/2010 - 21:00:26 ---A- C:\Documents And Settings\All Users\Application Data\open-config\open-config.rest

O61 - LFC:Last File Created 30/03/2010 - 21:42:48 ---A- C:\Documents And Settings\will\Bureau\UsbFix.exe

O61 - LFC:Last File Created 30/03/2010 - 22:19:50 ---A- C:\Documents And Settings\will\Bureau\chiquitine.txt

O61 - LFC:Last File Created 31/03/2010 - 0:28:40 ---A- C:\Documents And Settings\will\Application Data\Microsoft\Windows\Themes\Custom.theme

O61 - LFC:Last File Created 31/03/2010 - 11:24:02 R--A- C:\Documents And Settings\will\Bureau\will.exe

O61 - LFC:Last File Created 31/03/2010 - 13:38:58 ---A- C:\Documents And Settings\will\Bureau\Load_tdsskiller.exe

O61 - LFC:Last File Created 31/03/2010 - 13:39:56 ---A- C:\Documents And Settings\will\Bureau\rkill.com

O61 - LFC:Last File Created 31/03/2010 - 18:59:56 ---A- C:\Documents And Settings\will\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol

O61 - LFC:Last File Created 31/03/2010 - 19:13:20 ---A- C:\Documents And Settings\will\Bureau\356VT.txt

O61 - LFC:Last File Created 31/03/2010 - 19:15:46 ---A- C:\Documents And Settings\will\Bureau\Win32kDiag.exe

O61 - LFC:Last File Created 31/03/2010 - 19:18:00 ---A- C:\Documents And Settings\will\Bureau\Win32kDiag.txt

O61 - LFC:Last File Created 31/03/2010 - 23:21:08 -SH-- C:\Documents And Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 31/03/2010 - 23:22:52 -SH-- C:\Documents And Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 31/03/2010 - 23:26:28 -SHA- C:\Documents And Settings\will\Application Data\Microsoft\Internet Explorer\Desktop.htt

O61 - LFC:Last File Created 31/03/2010 - 23:26:32 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000001.png

O61 - LFC:Last File Created 31/03/2010 - 23:26:32 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000001

O61 - LFC:Last File Created 31/03/2010 - 23:28:18 ---A- C:\Documents And Settings\will\Bureau\Raccourci vers JavaRa.exe.lnk

O61 - LFC:Last File Created 31/03/2010 - 23:32:18 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-56db0649

O61 - LFC:Last File Created 31/03/2010 - 23:32:20 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-588ec790

O61 - LFC:Last File Created 31/03/2010 - 23:32:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b

O61 - LFC:Last File Created 31/03/2010 - 23:32:26 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e

O61 - LFC:Last File Created 31/03/2010 - 23:32:30 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-2f727378

O61 - LFC:Last File Created 31/03/2010 - 23:32:42 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b-n\decora-d3d.dll

O61 - LFC:Last File Created 31/03/2010 - 23:32:42 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b-n\decora-sse.dll

O61 - LFC:Last File Created 31/03/2010 - 23:32:42 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e-n\jmc.dll

O61 - LFC:Last File Created 31/03/2010 - 23:32:42 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e-n\msvcp71.dll

O61 - LFC:Last File Created 31/03/2010 - 23:32:42 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e-n\msvcr71.dll

O61 - LFC:Last File Created 31/03/2010 - 23:32:46 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\lastAccessed

O61 - LFC:Last File Created 31/03/2010 - 23:32:54 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\security\trusted.certs

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)

O63 - Logiciel: RSIT - (random/random)

O63 - Logiciel: UsbFix - (El Desaparecido)

O63 - Logiciel: Win32kDiag - (Pas de propriétaire)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.5.3.0 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP

O64 - Services: CurCS - C:\Acer\eManager\anbmServ.exe - Notebook Manager Service (anbmService) .(.OSA Technologies Inc. - Service Program for Acer eManager.) - LEGACY_ANBMSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATI_HOTKEY_POLLER

O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME

O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\epm-psd.sys - Acer EPM Power Scheme Driver (EpmPsd) .(.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) - LEGACY_EPMPSD

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\epm-shd.sys - Acer EPM System Hardware Driver (EpmShd) .(.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) - LEGACY_EPMSHD

O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC

O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - (.not file.) - klmd21 (klmd21) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMD21

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys - mdmxsdk (mdmxsdk) .(.Conexant - Diagnostic Interface DRIVER.) - LEGACY_MDMXSDK

O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - (.not file.) - pavdrv (pavdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVDRV

O64 - Services: CurCS - (.not file.) - Panda Process Protection Driver (PavProc) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVPROC

O64 - Services: CurCS - (.not file.) - Panda Process Protection Service (PavPrSrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVPRSRV

O64 - Services: CurCS - (.not file.) - Panda anti-virus service (PAVSRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVSRV

O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113

O64 - Services: CurCS - (.not file.) - Panda IManager Service (PSIMSVC) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSIMSVC

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - (.not file.) - Panda File Shield Driver (ShldDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SHLDDRV

O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=1008 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Installer\854d.msi (.not file.)

O66 - EventLog: ID=1008 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Installer\8556.msi (.not file.)

O66 - EventLog: ID=1508 (Userenv) - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\will\ntuser.dat"}; (.not file.)

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

 

 

 

End of the scan (721 lines in 07mn 20s)

 

I had tried HJT on its own, but it won't run either.

I hope this helps.

Thanks again for your work.

(I should still have the first ZHP report, just in case)

Posted

It's becoming clearer:

Uninstall MBAM, if it is installed.

Download MBAM

[Plug in all removable media before running this scan (USB key, external hard drive, etc.)]

If you use Spybot

To disable TeaTimer, which serves no purpose and can cause a disinfection to fail:

First display Advanced Mode in SpyBot

-> Advanced Options:

-> Mode menu, Advanced Mode.

A column of menus appears on the left-hand side:

-> click Tools,

-> click Resident,

In Resident:

-> uncheck Resident "TeaTimer" to disable it.

* Double-click the Download_mbam-setup.exe icon to start the installation process.

Save it to the desktop.

Close all windows and programs.

Follow the prompts (in particular the choice of language and the permission to access the Internet).

Do not change any of the default settings and, at the end of the installation,

check that the Update and Launch options are ticked.

MBAM will start automatically and display a message asking you to update the program before running a scan.

Click OK to close the dialog box.

* In the "Update" tab, click the Check for Updates button:

If the firewall asks for permission for MBAM to connect, accept.

* Once the update has finished, go to the Scanner tab.

* Select "Perform quick scan"

* Click "Scan"

* The scan will take some time, be patient!

* At the end, a message will be displayed:

The scan completed successfully.

* If MBAM found nothing, it will say so too.

Click "OK" to continue.

* Close your browsers.

Click Show Results.

* Select everything and click Remove Selected;

MBAM will delete the files and registry keys and put a copy of them in quarantine,

then open Notepad and copy into it the scan report, which can be found under the Logs tab.

* Copy and paste this report into your next reply.

And if this damned DLL is not removed by that procedure, run this one:

Download OTM by OldTimer to the desktop.

Double-click OTM.exe to launch it.

On Vista, right-click the file -> choose Run as administrator.

* Copy and paste the lines below (in green):

:Processes

:Files

C:\WINDOWS\system32\fdbbcebe.dll

 

:Reg

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fdbbcebe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\fdbbcebe]

 

:Commands

[purity]

[emptytemp]

[Reboot]

Go back to OTM,

right-click in the "Paste Instructions for Items to be Moved" window under the yellow bar and choose Paste.

* Click the red Moveit! button.

* Close OTM.

Your PC will restart.

Go to the C:\_OTM\MovedFiles folder,

open the most recent .log file

and copy and paste its contents into your next reply.
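A way to check the log this procedure produces, as an added example that is not part of the original post and is not OTM's own code: it pairs every target of the fix script above with the matching line of the MovedFiles log and lists the targets that were not confirmed removed. The log lines are a constructed sample, and the patterns matched against them are an assumption about OTM's wording.

```python
import re

# The fix script from the post above (targets copied verbatim).
OTM_SCRIPT = r"""
:Processes
:Files
C:\WINDOWS\system32\fdbbcebe.dll
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fdbbcebe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\fdbbcebe]
:Commands
[purity]
[emptytemp]
[Reboot]
"""

# Constructed sample of a C:\_OTM\MovedFiles log (assumed layout and wording).
SAMPLE_LOG = r"""
========== FILES ==========
File move failed. C:\WINDOWS\system32\fdbbcebe.dll scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fdbbcebe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\fdbbcebe\ not found.
Files moved on Reboot...
File move failed. C:\WINDOWS\system32\fdbbcebe.dll scheduled to be moved on reboot.
"""

# Order matters: the specific patterns come before the generic "moved" one.
LOG_PATTERNS = [
    ("pending_reboot", re.compile(r"^File move failed\. (.+?) scheduled to be moved on reboot\.$")),
    ("removed", re.compile(r"^Registry key (.+?) deleted successfully\.$")),
    ("absent", re.compile(r"^Registry key (.+?) not found\.$")),
    ("absent", re.compile(r"^File (.+?) not found!$")),
    ("removed", re.compile(r"^(.+?) moved successfully\.$")),
]


def norm(target):
    """Windows paths and keys are case-insensitive; the log adds a trailing backslash to keys."""
    return target.strip().rstrip("\\").lower()


def parse_script(text):
    """Return [(kind, target)] for the :Files and :Reg sections of a fix script."""
    targets, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line[1:].lower()
        elif section == "files":
            targets.append(("file", line))
        elif section == "reg" and line.startswith("[-") and line.endswith("]"):
            targets.append(("regkey", line[2:-1]))  # "[-KEY]" requests deletion of KEY
    return targets


def parse_log(text):
    """Map each normalised target to the list of statuses logged for it, in order."""
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        for status, pattern in LOG_PATTERNS:
            match = pattern.match(line)
            if match:
                seen.setdefault(norm(match.group(1)), []).append(status)
                break
    return seen


def audit(script, log):
    """Give every script target its last logged status, or 'no_log_entry'."""
    seen = parse_log(log)
    report = []
    for kind, target in parse_script(script):
        history = seen.get(norm(target), [])
        report.append((kind, target, history[-1] if history else "no_log_entry"))
    return report


def unresolved(report):
    """Targets the log does not show as removed or already absent."""
    return [row for row in report if row[2] not in ("removed", "absent")]


if __name__ == "__main__":
    for kind, target, status in audit(OTM_SCRIPT, SAMPLE_LOG):
        print(f"{status:15} {kind:7} {target}")
```

A target left in `unresolved` is worth checking by hand after the restart: the log alone does not show whether the deferred move took place.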

Posted

Hello Pear,

The beast is there; I can tell you sense it.

Mbam won't let itself be installed, so I took the OTM alternative, which in my opinion did not kill everything, since after it ran Mbam still won't install.

As for HJT, it cannot run either, neither directly nor via RSIT.

So here is the requested OTM report, and I am attaching a new ZHPDiag just in case:

OTM:

 

All processes killed

========== PROCESSES ==========

========== FILES ==========

LoadLibrary failed for C:\WINDOWS\system32\fdbbcebe.dll

File move failed. C:\WINDOWS\system32\fdbbcebe.dll scheduled to be moved on reboot.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fdbbcebe\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\fdbbcebe\ not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: All Users

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: will

->Temp folder emptied: 515911 bytes

->Temporary Internet Files folder emptied: 5767016 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 635 bytes

 

User: TEMP

->Temporary Internet Files folder emptied: 0 bytes

 

User: TEMP.ACER-86ABAAF10A

->Temporary Internet Files folder emptied: 0 bytes

 

User: Administrateur

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Administrateur.ACER-86ABAAF10A

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: TEMP.ACER-86ABAAF10A.001

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 12981506 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 19,00 mb

 

 

OTM by OldTimer - Version 3.1.10.1 log created on 04032010_000721

 

Files moved on Reboot...

File move failed. C:\WINDOWS\system32\fdbbcebe.dll scheduled to be moved on reboot.

C:\Documents and Settings\will\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.

File C:\Documents and Settings\will\Local Settings\Temp\~DF3F81.tmp not found!

File C:\Documents and Settings\will\Local Settings\Temp\~DF40AE.tmp not found!

File C:\Documents and Settings\will\Local Settings\Temp\~DF4161.tmp not found!

File C:\Documents and Settings\will\Local Settings\Temp\~DF4245.tmp not found!

File C:\Documents and Settings\will\Local Settings\Temp\~DF42E3.tmp not found!

File C:\Documents and Settings\will\Local Settings\Temp\~DF44AD.tmp not found!

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\XH31OU91\kmasirumecahaldll-je-l-ai-rencontre-t175300[1].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\XH31OU91\imgCAAV2M1D.htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\XH31OU91\imgCATS65SZ.htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\XH31OU91\hp[1].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\GHM1W71D\rectangle_300x250[1].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\GHM1W71D\iframe[2].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\VXW6YW01\AP_ADV_300x250[1].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\VXW6YW01\AP_ADV_728x90[1].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\VXW6YW01\ads[8].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\LCJKZ4MI\ban_728x90[1].htm moved successfully.

C:\Documents and Settings\will\Local Settings\Temporary Internet Files\Content.IE5\LCJKZ4MI\povh[1].htm moved successfully.

 

Registry entries deleted on Reboot...

 

ZHPDiag :

 

Rapport de ZHPDiag v1.25.1341 par Nicolas Coolman

Run by will at 3/04/2010 0:33:56

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

 

---\\ System Information

Platform : Microsoft Windows XP (5.1.2600) Service Pack 3

Processor: x86 Family 6 Model 9 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 238 MB (23% free)

System drive C: has 1 GB (8%) free of 8 GB

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 8 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 13 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 14 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

 

 

---\\ Processus lancés

[MD5.6DC4A31EC070A6696D4BDB351C336482] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98304]

[MD5.E24641EBCD05F55825516F816BB29272] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [532480]

[MD5.D24B9B36C06CA0ACF7CA2C69D9BB25B5] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [155648]

[MD5.66A5047DF0C0CEC911B95B5B1E24CEBC] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [118784]

[MD5.DD1B2BD5DCBF614E91BD12814607DB70] - (.Acer Value Labs, USA - Acer EPM Device Manager.) -- c:\acer\epm\epm-dm.exe [151552]

[MD5.3C3D3423AD2F3182FAAF7EBF3FACAB37] - (.Acer Value Labs, Taiwan - Acer ePowerManagement.) -- C:\Acer\ePM\ePM.exe [2876416]

[MD5.2C6C2E36E3879759CE3CCA26999EEF43] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZgAcer.exe [319488]

[MD5.1A0A509A340E3CC23CFB0C5C44403A41] - (.Pas de propriétaire - SamsungMediaStudioAgent.) -- C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe [40960]

[MD5.51E2FF8A630A6CC96581842CEE132864] - (.CyberLink - PVCR2 Scheduler Agent.) -- D:\VCR II\Agent.exe [94208]

[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [248040]

[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]

[MD5.59DC5BB82E4C8E0B3EADCFDBC44BA6E4] - (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe [15360]

[MD5.9435C1C2D2111573111367F92F208C1F] - (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [437160]

[MD5.C10D0FAE427EA464EDEA2EE5DC40F056] - (.OSA Technologies Inc. - Service Program for Acer eManager.) -- C:\Acer\eManager\anbmServ.exe [1287168]

[MD5.59D1A07A686D994838AEE1DB258E3654] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Ati2evxx.exe [376832]

[MD5.E4BDF223CD75478BF44567B4D5C2634D] - (.Microsoft Corporation - Generic Host Process for Win32 Services.) -- C:\WINDOWS\System32\svchost.exe [14336]

[MD5.C3FB1D70CB88722267949694BA51759E] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\WINDOWS\system32\services.exe [111104]

[MD5.305687EB8C8E0A12A0B2BAE387B6E466] - (.Microsoft Corporation - Service de télécopie.) -- C:\WINDOWS\system32\fxssvc.exe [268800]

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664]

[MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.91E6024D6D4DCDECDB36C43ECF9BBECB] - (.Microsoft Corporation - LSA Shell (Export Version).) -- C:\WINDOWS\system32\lsass.exe [13312]

[MD5.460E4CE148BD07218DA0B6A3D31885A9] - (.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe [57856]

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [synTPLpr] . (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [EPM-DM] . (.Acer Value Labs, USA - Acer EPM Device Manager.) -- c:\acer\epm\epm-dm.exe

O4 - HKLM\..\Run: [ePowerManagement] . (.Acer Value Labs, Taiwan - Acer ePowerManagement.) -- C:\Acer\ePM\ePM.exe

O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\QtZgAcer.exe

O4 - HKLM\..\Run: [YeppStudioAgent] . (.Pas de propriétaire - SamsungMediaStudioAgent.) -- C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe

O4 - HKLM\..\Run: [Agent] . (.CyberLink - PVCR2 Scheduler Agent.) -- D:\VCR II\Agent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - Global Startup: Sitecom Wireless Utility.lnk . (.Sitecom - Sitecom Wireless Utility.) -- C:\Program Files\Sitecom\Common\WLANUtil.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - (.not file.) - https:\\fpdownload.macromedia.com\get\shockwave\cabs\flash\swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: fdbbcebe . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\fdbbcebe.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\System32\igfxsrvc.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Notebook Manager Service (anbmService) . (.OSA Technologies Inc. - Service Program for Acer eManager.) - C:\Acer\eManager\anbmServ.exe

O23 - Service: (Ati HotKey Poller) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp.inf

O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\fxsocm.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Acer eManager for Notebook - (.Acer Inc..)

O42 - Logiciel: Acer ePowerManagement - (.Pas de propriétaire.)

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.)

O42 - Logiciel: Apple Software Update - (.Apple Computer, Inc..)

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.)

O42 - Logiciel: CCleaner - (.Piriform.)

O42 - Logiciel: Conexant AC-Link Audio - (.Pas de propriétaire.)

O42 - Logiciel: Disc2Phone - (.Pas de propriétaire.)

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..)

O42 - Logiciel: Google Update Helper - (.Google Inc..)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.)

O42 - Logiciel: Intel® Extreme Graphics 2 Driver - (.Pas de propriétaire.)

O42 - Logiciel: Java 6 Update 19 - (.Sun Microsystems, Inc..)

O42 - Logiciel: Launch Manager - (.Pas de propriétaire.)

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.)

O42 - Logiciel: PowerVCR II - (.Pas de propriétaire.)

O42 - Logiciel: Sitecom Wireless-N Network USB Adapter WL-182 - (.Sitecom.)

O42 - Logiciel: SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.)

O42 - Logiciel: Synaptics Pointing Device Driver - (.Pas de propriétaire.)

O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers. - (.Texas Instruments Inc..)

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.)

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.)

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.)

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.)

 

 

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services

O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Intel

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\CONEXANT

O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics

O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Inc

O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink

O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems

O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group

O43 - CFD:Common File Directory ----D- C:\Program Files\Launch Manager

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung

O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Sony

O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Sitecom

O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache

O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Teleca Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Panda Software

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Java

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 1/04/2010 - 22:10:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system.ini [227]

O44 - LFC:[MD5.23E627B427E9F34B5312EFF19F7BAB0D] - 1/04/2010 - 22:16:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ComboFix.txt [11725]

O44 - LFC:[MD5.A6BB90198FBDBEF66C6FF43CA5368E7F] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Control Panel.) -- C:\WINDOWS\System32\javacpl.cpl [73728]

O44 - LFC:[MD5.FA8D8FA6C60AB99C07693560842C9BB6] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\deploytk.dll [411368]

O44 - LFC:[MD5.CF236C6C37519794C8CB663FA639297D] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]

O44 - LFC:[MD5.8BB5783B22869D303B2E624947A9A52A] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]

O44 - LFC:[MD5.AC600895C014D245B03749CA3B5CBED4] - 2/04/2010 - 12:54:34 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [153376]

O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 2/04/2010 - 13:52:14 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\ntldr [252240]

O44 - LFC:[MD5.C17762569E20CFED6320FDDF6474D130] - 2/04/2010 - 14:19:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [192976]

O44 - LFC:[MD5.5D3207B10F6CBA958E5EC5E515F7FAFD] - 2/04/2010 - 14:20:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [1158]

O44 - LFC:[MD5.B360014C102A7C7837E8F6D7FB54F232] - 2/04/2010 - 14:20:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\spupdwxp.log [269]

O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 2/04/2010 - 14:22:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WMSysPr9.prx [316640]

O44 - LFC:[MD5.1DAA565CE8025FF962805BE536D492E3] - 2/04/2010 - 23:07:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [1099164]

O44 - LFC:[MD5.26DBE7AB9C5061623785E41341F41DA0] - 2/04/2010 - 23:07:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [68318]

O44 - LFC:[MD5.0A4D59093D251AC3428967FF5D10F9E7] - 2/04/2010 - 23:07:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [81816]

O44 - LFC:[MD5.9BF4F2E8F8ACD84AD693E1E083D39AA9] - 2/04/2010 - 23:07:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [434032]

O44 - LFC:[MD5.E01FA8C40ECEE35FB418E68ED3B6922F] - 2/04/2010 - 23:07:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [502688]

O44 - LFC:[MD5.873EA3362AA6AC9B704F6C27D2CC7445] - 2/04/2010 - 23:07:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bthservsdp.dat [12]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2/04/2010 - 23:08:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2/04/2010 - 23:08:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32590]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2/04/2010 - 23:08:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1056913]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 2/04/2010 - 23:10:10 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/04/2010 - 23:10:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.00000000000000000000000000000000] - 2/04/2010 - 23:10:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.C3D07D2934B4F890015E7992810540D0] - 2/04/2010 - 23:10:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt [4428]

O44 - LFC:[MD5.2C33E9D6B251D1FE7E6A491FBE96DB52] - 2/04/2010 - 23:15:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\rkill.log [421]

O44 - LFC:[MD5.2C33E9D6B251D1FE7E6A491FBE96DB52] - 2/04/2010 - 23:15:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\rkill0304.log [421]

O44 - LFC:[MD5.0D2949BB235EEBCB0357256A5409656E] - 29/03/2010 - 2:15:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Awpr.ini [68]

O44 - LFC:[MD5.395B22A836F8FD8D8E32CD1B355D51D4] - 29/03/2010 - 4:53:07 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\WINDOWS\System32\MRT.exe [31648712]

O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 29/03/2010 - 5:09:26 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\WINDOWS\SWSC.exe [136704]

O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 29/03/2010 - 5:09:26 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\WINDOWS\SWXCACLS.exe [212480]

O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 29/03/2010 - 5:09:27 ---A- . (.NirSoft - NirCmd.) -- C:\WINDOWS\NIRCMD.exe [31232]

O44 - LFC:[MD5.C5EC72A20B4C98DB5314E6C46765B148] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\MBR.exe [77312]

O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\grep.exe [80412]

O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\sed.exe [98816]

O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 29/03/2010 - 5:09:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\zip.exe [68096]

O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 29/03/2010 - 5:09:27 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\WINDOWS\SWREG.exe [161792]

O44 - LFC:[MD5.48C65662EC81FBCAA110509F50C51497] - 29/03/2010 - 5:10:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\cmldr [263488]

O44 - LFC:[MD5.574C94EED8119C6860546294753EC938] - 29/03/2010 - 5:10:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Boot.bak [216]

O44 - LFC:[MD5.1D0D125513BB0F3332847F674956C847] - 29/03/2010 - 5:10:38 RSHA- . (.Pas de propriétaire - Pas de description.) -- C:\boot.ini [286]

O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 29/03/2010 - 8:05:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\CONFIG.NT [3072]

O44 - LFC:[MD5.1E9AC79AB02F692ECFC9E5BE7AE587EB] - 31/03/2010 - 2:02:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [214114]

O44 - LFC:[MD5.71EB191C1FE3511EEA786174327E0E94] - 31/03/2010 - 14:25:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.25.04_log.txt [30754]

O44 - LFC:[MD5.32A978AE2B730F6411804AFF137FB4D9] - 31/03/2010 - 14:11:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.11.07_log.txt [30754]

O44 - LFC:[MD5.7394812FC86B7BDC76EA1AAE5610F2D5] - 31/03/2010 - 14:10:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.10.27_log.txt [30754]

O44 - LFC:[MD5.422E20FC13882D6540C2010A579DED6B] - 31/03/2010 - 14:10:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.2.8.1_31.03.2010_15.09.57_log.txt [34528]

O44 - LFC:[MD5.4AE867312CC8BA4D2955417DDD42947A] - 31/03/2010 - 13:08:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\analyse1.txt [4791]

O44 - LFC:[MD5.0F377EC604449581050B01D6D6DD3712] - 31/03/2010 - 13:06:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\analyse2.txt [4037]

O44 - LFC:[MD5.F5AA13A28E46D685DC76ABB6B8E4A310] - 31/03/2010 - 13:03:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\analyse3.txt [4487]

O44 - LFC:[MD5.A068AC21ACA263F5D6D545B0AC9EEE65] - 30/03/2010 - 23:34:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\JavaRa.log [6114]

O44 - LFC:[MD5.352CAAA798775CF26DDB3737FBA79278] - 30/03/2010 - 22:22:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Usb2Fix.txt [1151]

O44 - LFC:[MD5.352CAAA798775CF26DDB3737FBA79278] - 30/03/2010 - 22:21:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [1151]

O44 - LFC:[MD5.2868592FFACA673C159CF7EF782F3DCC] - 30/03/2010 - 22:20:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Usb1Fix.txt [4081]

O44 - LFC:[MD5.82F2708964443340D835A5A5761E5ADC] - 30/03/2010 - 22:00:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix_Upload_Me_ACER-86ABAAF10A.zip [489952]

O44 - LFC:[MD5.A64BAF3A7D0F36E77AB34B88AE9CAE93] - 30/03/2010 - 18:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Raccourci vers ACERDATA (D).lnk [187]

O44 - LFC:[MD5.7CA96386C782237988592EB606CED583] - 12/03/2010 - 17:02:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\PEV.exe [261632]

 

 

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\BLASTCLN.EXE-32F30471.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\MOFCOMP.EXE-266B2314.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\MSDTC.EXE-1D9D8668.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-396DEA2C.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-6A09524A.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:22 ---A- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-02740A4B.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:56 ---A- C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-286C3734.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:21:58 ---A- C:\WINDOWS\Prefetch\USERINIT.EXE-0743FDA9.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:06 ---A- C:\WINDOWS\Prefetch\LOGAGENT.EXE-2BE87CC2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:10 ---A- C:\WINDOWS\Prefetch\MIGRATE.EXE-065C8435.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:34 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-5E6ADB37.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:34 ---A- C:\WINDOWS\Prefetch\UNREGMP2.EXE-0CFB0619.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:38 ---A- C:\WINDOWS\Prefetch\SETUP50.EXE-2911CBB9.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:38 ---A- C:\WINDOWS\Prefetch\SHMGRATE.EXE-2DD3E4D8.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:22:54 ---A- C:\WINDOWS\Prefetch\ALAUNCH.EXE-145B15F4.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\HKCMD.EXE-0F06AE14.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\IGFXTRAY.EXE-0A23D403.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B866543.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\SYNTPENH.EXE-2B70B91C.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:04 ---A- C:\WINDOWS\Prefetch\SYNTPLPR.EXE-0340D8DF.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:06 ---A- C:\WINDOWS\Prefetch\EPM-DM.EXE-1C692784.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:06 ---A- C:\WINDOWS\Prefetch\EPM.EXE-37629B5F.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:10 ---A- C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-0047A1C5.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:10 ---A- C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:14 ---A- C:\WINDOWS\Prefetch\CSCRIPT.EXE-0A13A05C.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:14 ---A- C:\WINDOWS\Prefetch\WLANUTIL.EXE-0AECB705.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:54 ---A- C:\WINDOWS\Prefetch\MBAM-SETUP.EXE-20D86F62.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:23:54 ---A- C:\WINDOWS\Prefetch\MBAM-SETUP.TMP-0882E2D7.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:24:20 ---A- C:\WINDOWS\Prefetch\WMIADAP.EXE-32F99497.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:32:00 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-6DF739B2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:32:06 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 14:42:08 ---A- C:\WINDOWS\Prefetch\MSCORSVW.EXE-310BC412.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:22:48 ---A- C:\WINDOWS\Prefetch\CCSETUP230[1].EXE-32EB1F83.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:23:42 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:29:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-3CC54DC9.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:29:54 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-488E2468.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:46:56 ---A- C:\WINDOWS\Prefetch\LADS.EXE-0D3BCDEA.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:46:56 ---A- C:\WINDOWS\Prefetch\SETACL.EXE-089EBA3B.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 17:52:50 ---A- C:\WINDOWS\Prefetch\SIGCHECK.EXE-01148FB6.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 19:01:52 ---A- C:\WINDOWS\Prefetch\ACER.SCR-2DFB4018.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 19:07:26 ---A- C:\WINDOWS\Prefetch\Layout.ini

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 19:07:36 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 19:07:38 ---A- C:\WINDOWS\Prefetch\DFRGFAT.EXE-22605FE5.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 19:16:24 ---A- C:\WINDOWS\Prefetch\HELPSVC.EXE-1C192440.pf

O45 - LFCP:Last File Created Prefetch 2/04/2010 - 22:20:12 ---A- C:\WINDOWS\Prefetch\51723-MB.TMP-0138C412.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:03:40 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-2F4A2F77.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:05:48 ---A- C:\WINDOWS\Prefetch\OTM.EXE-26DFC3AB.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:07:46 ---A- C:\WINDOWS\Prefetch\WSCNTFY.EXE-0B14C27D.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:07:54 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:12:34 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:12:40 ---A- C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:14:04 ---A- C:\WINDOWS\Prefetch\51723-MB.TMP-05E01FE9.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:14:04 ---A- C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-160E1F62.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:08 ---A- C:\WINDOWS\Prefetch\NIRCMDC.RKEXE-3B90490E.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:08 ---A- C:\WINDOWS\Prefetch\PEV.RKEXE-397B03BF.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:08 ---A- C:\WINDOWS\Prefetch\RKILL.COM-2C6DD97F.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:10 ---A- C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:10 ---A- C:\WINDOWS\Prefetch\FINDSTR.EXE-1A4FC238.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:10 ---A- C:\WINDOWS\Prefetch\SED.RKEXE-3660F9A8.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:22 ---A- C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:15:26 ---A- C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:16:06 ---A- C:\WINDOWS\Prefetch\51723-MB.EXE-034E69D4.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:16:06 ---A- C:\WINDOWS\Prefetch\51723-MB.TMP-386203AA.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:17:02 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:17:16 ---A- C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-3B7F4DC2.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:18:20 ---A- C:\WINDOWS\Prefetch\WILL.EXE-0A62860B.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:18:24 ---A- C:\WINDOWS\Prefetch\RSIT.EXE-03DC5858.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:18:28 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:18:52 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:31:04 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf

O45 - LFCP:Last File Created Prefetch 3/04/2010 - 23:33:38 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25C13877.pf

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\livecall.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Windows Live\Messenger\livecall.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKCU\...\Policies\Explorer] - "WizmaxBackup_NoDriveTypeAutoRun"=145

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKCU\...\Policies\Explorer] - "HonorAutoRunSetting"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoCDBurning"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "WizmaxBackup_NoDriveTypeAutoRun"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 5/08/2004 - 4:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 5/08/2004 - 4:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 5/08/2004 - 4:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 5/08/2004 - 4:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 5/08/2004 - 4:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 5/08/2004 - 4:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.2F25457FEC1404470843D8B930EA00B9] - 15/05/2004 - 21:41:40 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

O58 - SDL:[MD5.B9543B0C771FEAB7CA095303007A159C] - 23/05/2003 - 0:47:12 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver..) -- C:\WINDOWS\system32\drivers\b57xp32.sys

O58 - SDL:[MD5.960CE9B896750CC02FE5F1103CC23460] - 20/08/2004 - 23:41:46 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\WINDOWS\system32\drivers\w29n51.sys

O58 - SDL:[MD5.B1DFE92234A62AB304DDC033F4EDFDB1] - 14/08/2004 - 19:59:00 ---A- . (.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) -- C:\WINDOWS\system32\drivers\epm-shd.sys

O58 - SDL:[MD5.DA58A8BE6A445835F603720C4BC8837E] - 11/02/2004 - 1:17:06 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys

O58 - SDL:[MD5.D68564FCFBDFC04280CDBBB37CF7EF7F] - 19/07/2004 - 12:10:00 ---A- . (.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) -- C:\WINDOWS\system32\drivers\epm-psd.sys

O58 - SDL:[MD5.96A48BDA68BF734AAE79F910AB884A34] - 20/11/2002 - 15:29:12 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS

O58 - SDL:[MD5.5A94E9D6E2716E38183959D8F4C2A5A9] - 30/04/2004 - 4:09:20 ---A- . (.Conexant Systems Inc. - Conexant WDM AC97 Audio Driver.) -- C:\WINDOWS\system32\drivers\camcaud.sys

O58 - SDL:[MD5.E7E737BC125D6BEB50669FF4B61CED19] - 30/04/2004 - 4:10:06 ---A- . (.Conexant Systems Inc. - Conexant AmcHal Driver.) -- C:\WINDOWS\system32\drivers\camchal.sys

O58 - SDL:[MD5.2A8C145E9E9E63B0071DA4F35544AB9D] - 11/03/2004 - 1:37:26 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys

O58 - SDL:[MD5.EECF0C3B62040F26C62B6579794C702E] - 11/03/2004 - 1:40:28 ---A- . (.Conexant Systems, Inc. - HSFHWICH WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys

O58 - SDL:[MD5.4683B5D9566B8653D4580C407C8D0FBC] - 11/03/2004 - 1:35:48 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys

O58 - SDL:[MD5.EEAEA6514BA7C9D273B5E87C4E1AAB30] - 10/04/2003 - 3:48:08 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys

O58 - SDL:[MD5.6C218301F37CB01AA29DD9AE688653BD] - 20/05/2004 - 18:52:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys

O58 - SDL:[MD5.FCBAF94B58AD03ACA117C7DF0EB5F446] - 26/05/2004 - 9:07:30 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\WINDOWS\system32\drivers\tifm21.sys

O58 - SDL:[MD5.15A72D5B8F0B6A718207F14BD5EBB8FF] - 20/09/2004 - 10:31:54 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys

O58 - SDL:[MD5.E0A95C9849E07B483AB01A6408C41FB9] - 1/06/2004 - 10:50:50 ---A- . (.Windows ® 2000 DDK provider - Windows I/O Port Driver.) -- C:\WINDOWS\system32\drivers\osaio.sys

O58 - SDL:[MD5.5483AFEBD0E99E4CA7D31185B716296A] - 1/06/2004 - 10:50:50 ---A- . (.Windows ® 2000 DDK provider - Windows int15 Driver.) -- C:\WINDOWS\system32\drivers\osanbm.sys

O58 - SDL:[MD5.8C156E6B568AA927EB5DEADEB870BDD2] - 19/06/2007 - 8:51:16 R--A- . (.MCCI Corporation - Sony Ericsson Device 816.) -- C:\WINDOWS\system32\drivers\s816bus.sys

O58 - SDL:[MD5.E727776A56A51B7E6B7C87C02EA8B405] - 27/09/2003 - 0:41:12 ---A- . (.Broadcom Corporation - Broadcom Corporation NDIS 5.1 ethernet driver.) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys

O58 - SDL:[MD5.1EF6E1AD4DD3EFB3785E4479DDBAD80B] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816wh.sys

O58 - SDL:[MD5.1EF6E1AD4DD3EFB3785E4479DDBAD80B] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816whnt.sys

O58 - SDL:[MD5.94306F371A6FF8B690BEA81157111B3B] - 19/06/2007 - 8:51:20 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\drivers\s816mdm.sys

O58 - SDL:[MD5.84BC77966D49536DE92662EF0CA0A43D] - 19/06/2007 - 8:51:16 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816cm.sys

O58 - SDL:[MD5.84BC77966D49536DE92662EF0CA0A43D] - 19/06/2007 - 8:51:16 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\s816cmnt.sys

O58 - SDL:[MD5.D4ED429953A2B8B09C702805813A26C8] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\s816mdfl.sys

O58 - SDL:[MD5.2ADC0CA9945C65284B3D19BC18765974] - 13/04/2008 - 18:54:36 ---A- . (.National Semiconductor Corporation - NSC Fast Infrared Driver..) -- C:\WINDOWS\system32\drivers\nscirda.sys

O58 - SDL:[MD5.8EACD5E46764463E75F171D9BF305348] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\drivers\s816obex.sys

O58 - SDL:[MD5.FAFDD00ABAD1B6029BF7F4067764AB41] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\drivers\s816mgmt.sys

O58 - SDL:[MD5.E2090B041B935430ABC8E184B7D6CD75] - 19/06/2007 - 8:51:18 R--A- . (.MCCI - Sony Ericsson Device 816 USB Ethernet Emulation.) -- C:\WINDOWS\system32\drivers\s816unic.sys

O58 - SDL:[MD5.B7949BEDDF8B9AFDEBC43787ED0EB72A] - 19/06/2007 - 8:51:08 R--A- . (.MCCI Corporation - Sony Ericsson Device 916 USB Ethernet Emulation (WDM class regi.) -- C:\WINDOWS\system32\drivers\s816cr.sys

O58 - SDL:[MD5.FD0D1E39CB22558D79BFF59B66A5874A] - 19/06/2007 - 8:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 916 USB Ethernet Emulation (NDIS 5 Minipor.) -- C:\WINDOWS\system32\drivers\s816nd5.sys

O58 - SDL:[MD5.15E655BAA989444F56787EF558823643] - 21/08/2008 - 19:50:52 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys

O58 - SDL:[MD5.F754D8CD912DE9C82019AFEE33CFF0C1] - 25/04/2007 - 12:47:42 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2870.sys

O58 - SDL:[MD5.1813ECF21A11A4A8FE59C3A0F7975753] - 23/03/2004 - 17:18:44 R--A- . (.eMPIA Technology, Inc. - USB 28xx WDM Driver.) -- C:\WINDOWS\system32\drivers\emDevice.sys

O58 - SDL:[MD5.F8F262C50E7CBFC2C9C5ED6FCF0A7866] - 23/03/2004 - 17:18:38 R--A- . (.eMPIA Technology, Inc. - USB 28xx WDM Driver Library.) -- C:\WINDOWS\system32\drivers\emStream.sys

O58 - SDL:[MD5.56E6C458042B3BDE1F3D0202E1085C1F] - 23/03/2004 - 17:18:32 R--A- . (.eMPIA Technology, Inc. - USB 28xx WDM Upper Filter.) -- C:\WINDOWS\system32\drivers\emScan.sys

O58 - SDL:[MD5.694D14543FF884F00012534F790F8E73] - 5/08/2004 - 11:35:24 R--A- . (.eMPIA Technology Inc. - EM27xx / EM28xx Filter Driver.) -- C:\WINDOWS\system32\drivers\emFilter.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 10:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 5/08/2004 - 4:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 1/04/2010 - 14:43:38 ---A- C:\Documents And Settings\All Users\Bureau\Choix de navigateur .lnk

O61 - LFC:Last File Created 1/04/2010 - 18:24:28 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000005.png

O61 - LFC:Last File Created 1/04/2010 - 18:24:28 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000005

O61 - LFC:Last File Created 1/04/2010 - 21:39:50 ---A- C:\Documents And Settings\will\Bureau\lcfog.txt

O61 - LFC:Last File Created 1/04/2010 - 22:00:20 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\tabiconcache.dat

O61 - LFC:Last File Created 1/04/2010 - 22:13:28 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\SpecificMPM_log.txt

O61 - LFC:Last File Created 1/04/2010 - 22:13:28 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\tlib.info

O61 - LFC:Last File Created 2/04/2010 - 0:38:14 -SHA- C:\Documents And Settings\All Users\Documents\Mes images\Échantillons d'images\Thumbs.db

O61 - LFC:Last File Created 2/04/2010 - 0:40:10 -SHA- C:\Documents And Settings\will\Mes documents\Mes images\Thumbs.db

O61 - LFC:Last File Created 2/04/2010 - 0:41:24 ---A- C:\Documents And Settings\will\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

O61 - LFC:Last File Created 2/04/2010 - 0:41:28 -SHA- C:\Documents And Settings\will\Mes documents\Ma musique\Thumbs.db

O61 - LFC:Last File Created 2/04/2010 - 12:35:42 ---A- C:\Documents And Settings\will\Application Data\Microsoft\MMC\dfrg

O61 - LFC:Last File Created 2/04/2010 - 12:40:38 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\F78CAE5D65CB8F387E2E0E15EF7E4AE3

O61 - LFC:Last File Created 2/04/2010 - 12:40:38 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\F78CAE5D65CB8F387E2E0E15EF7E4AE3

O61 - LFC:Last File Created 2/04/2010 - 12:43:50 ---A- C:\Documents And Settings\will\Mes documents\Mes fichiers reçus\1270208322568-integrated.jnlp

O61 - LFC:Last File Created 2/04/2010 - 12:55:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\AU\au.cab

O61 - LFC:Last File Created 2/04/2010 - 12:55:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\AU\au.msi

O61 - LFC:Last File Created 2/04/2010 - 12:55:24 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-56db0649.idx

O61 - LFC:Last File Created 2/04/2010 - 12:55:26 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\24\2a20e358-588ec790.idx

O61 - LFC:Last File Created 2/04/2010 - 12:55:38 ---A- C:\Documents And Settings\All Users\Application Data\Sun\Java\Java Update\jaureglist.xml

O61 - LFC:Last File Created 2/04/2010 - 12:56:00 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\25\794f2bd9-2f727378.idx

O61 - LFC:Last File Created 2/04/2010 - 12:56:02 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1c6ac65b.idx

O61 - LFC:Last File Created 2/04/2010 - 12:56:02 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-688ed81e.idx

O61 - LFC:Last File Created 2/04/2010 - 12:56:52 ---A- C:\Documents And Settings\will\Application Data\Sun\Java\Deployment\deployment.properties

O61 - LFC:Last File Created 2/04/2010 - 13:24:34 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

O61 - LFC:Last File Created 2/04/2010 - 13:24:34 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

O61 - LFC:Last File Created 2/04/2010 - 14:01:06 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Connexion Bureau à distance.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:01:44 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Configurer les programmes par défaut.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:01:44 -SHA- C:\Documents And Settings\All Users\Menu Démarrer\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:05:12 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Assistant Transfert de fichiers Bluetooth.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:05:26 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\Assistant Réseau sans fil.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:05:26 -SHA- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Accessoires\Communications\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:16:38 --HA- C:\Documents And Settings\will\Local Settings\Application Data\IconCache.db

O61 - LFC:Last File Created 2/04/2010 - 14:21:30 ---A- C:\Documents And Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD

O61 - LFC:Last File Created 2/04/2010 - 14:21:30 ---A- C:\Documents And Settings\LocalService\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML

O61 - LFC:Last File Created 2/04/2010 - 14:21:56 ---A- C:\Documents And Settings\LocalService\Menu Démarrer\Programmes\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:06 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD

O61 - LFC:Last File Created 2/04/2010 - 14:22:06 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Bureau\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:34 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Lecteur Windows Media.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Accessoires\Carnet d'adresses.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 ---A- C:\Documents And Settings\will\Menu Démarrer\Programmes\Outlook Express.lnk

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 -SHA- C:\Documents And Settings\will\Menu Démarrer\Programmes\Accessoires\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:22:38 -SHA- C:\Documents And Settings\will\Menu Démarrer\Programmes\desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 14:23:14 --HA- C:\Documents And Settings\Default User\NTUSER.DAT

O61 - LFC:Last File Created 2/04/2010 - 14:23:14 --HA- C:\Documents And Settings\Default User\ntuser.dat.LOG

O61 - LFC:Last File Created 2/04/2010 - 14:23:20 --HA- C:\Documents And Settings\Administrateur\NTUSER.DAT

O61 - LFC:Last File Created 2/04/2010 - 14:23:20 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG

O61 - LFC:Last File Created 2/04/2010 - 14:23:24 ---A- C:\Documents And Settings\Administrateur.ACER-86ABAAF10A\ntuser.dat

O61 - LFC:Last File Created 2/04/2010 - 14:23:24 --HA- C:\Documents And Settings\Administrateur.ACER-86ABAAF10A\ntuser.dat.LOG

O61 - LFC:Last File Created 2/04/2010 - 14:50:12 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000003.png

O61 - LFC:Last File Created 2/04/2010 - 14:50:12 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000003

O61 - LFC:Last File Created 2/04/2010 - 17:23:24 ---A- C:\Documents And Settings\will\Bureau\CCleaner.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:29:44 -SHA- C:\Documents And Settings\will\Recent\Desktop.ini

O61 - LFC:Last File Created 2/04/2010 - 17:34:02 ---A- C:\Documents And Settings\will\Cookies\will@xiti[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:34:34 ---A- C:\Documents And Settings\will\Cookies\will@imageshack[1].txt

O61 - LFC:Last File Created 2/04/2010 - 17:42:04 ---A- C:\Documents And Settings\will\Recent\info.txt.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:43:30 ---A- C:\Documents And Settings\will\Recent\log.txt.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:43:30 ---A- C:\Documents And Settings\will\Recent\rsit.lnk

O61 - LFC:Last File Created 2/04/2010 - 17:51:24 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD

O61 - LFC:Last File Created 2/04/2010 - 17:51:24 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD

O61 - LFC:Last File Created 2/04/2010 - 17:53:30 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217

O61 - LFC:Last File Created 2/04/2010 - 17:53:30 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217

O61 - LFC:Last File Created 2/04/2010 - 18:11:20 ---A- C:\Documents And Settings\will\Cookies\will@atdmt[1].txt

O61 - LFC:Last File Created 2/04/2010 - 18:11:20 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000002.png

O61 - LFC:Last File Created 2/04/2010 - 18:11:20 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000002

O61 - LFC:Last File Created 2/04/2010 - 18:12:44 ---A- C:\Documents And Settings\will\Cookies\will@bluestreak[1].txt

O61 - LFC:Last File Created 2/04/2010 - 18:15:12 ---A- C:\Documents And Settings\will\Cookies\will@govoyages[1].txt

O61 - LFC:Last File Created 2/04/2010 - 18:22:00 ---A- C:\Documents And Settings\will\Mes documents\ZHPDiag02041921.Txt

O61 - LFC:Last File Created 2/04/2010 - 18:22:52 ---A- C:\Documents And Settings\will\Recent\ZHPDiag02041921.Txt.lnk

O61 - LFC:Last File Created 2/04/2010 - 18:42:38 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\Content\5553AF14BD4C3B1DE599145FD14950E0

O61 - LFC:Last File Created 2/04/2010 - 18:42:38 -S-A- C:\Documents And Settings\will\Application Data\Microsoft\CryptnetUrlCache\MetaData\5553AF14BD4C3B1DE599145FD14950E0

O61 - LFC:Last File Created 2/04/2010 - 1:18:20 ---A- C:\Documents And Settings\will\Mes documents\Mes dossiers de partage.lnk

O61 - LFC:Last File Created 2/04/2010 - 1:21:06 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\HookStarter_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:21:06 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\appLauncher_all_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:21:38 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DM_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:12 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FMOBEX_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:14 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FMOBEXSERVER_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:18 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DDPOBEXCAP_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:22:20 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\common_log.txt

O61 - LFC:Last File Created 2/04/2010 - 1:24:32 ---A- C:\Documents And Settings\will\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FM_log.txt

O61 - LFC:Last File Created 2/04/2010 - 22:06:22 ---A- C:\Documents And Settings\will\Application Data\Google\Local Search History\google%2Eweb.w

O61 - LFC:Last File Created 2/04/2010 - 22:06:50 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{5DDF9F2E-3B01-11DF-A685-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 22:06:50 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{A0FF7D41-3E9B-11DF-A696-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 22:06:50 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{A0FF7D42-3E9B-11DF-A696-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 22:06:50 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{A0FF7D43-3E9B-11DF-A696-00C09F5A44E3}.dat

O61 - LFC:Last File Created 2/04/2010 - 22:06:52 ---A- C:\Documents And Settings\will\Cookies\will@doubleclick[1].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:10 ---A- C:\Documents And Settings\will\Cookies\will@google[1].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:16 ---A- C:\Documents And Settings\will\Cookies\will@c.live[1].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:16 ---A- C:\Documents And Settings\will\Cookies\will@c.msn[1].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:32 ---A- C:\Documents And Settings\will\Cookies\will@adviva[1].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:34 ---A- C:\Documents And Settings\will\Favoris\Kmasirumecahal.dll je l'ai rencontré !! - Forums Zebulon.fr.url

O61 - LFC:Last File Created 2/04/2010 - 22:07:40 ---A- C:\Documents And Settings\will\Cookies\will@zebulon[2].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:42 ---A- C:\Documents And Settings\will\Cookies\will@a2dfp[2].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:42 ---A- C:\Documents And Settings\will\Cookies\will@cdn5.specificclick[2].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:42 ---A- C:\Documents And Settings\will\Cookies\will@forum.zebulon[2].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:42 ---A- C:\Documents And Settings\will\Cookies\will@fr.a2dfp[1].txt

O61 - LFC:Last File Created 2/04/2010 - 22:07:42 ---A- C:\Documents And Settings\will\Cookies\will@specificclick[2].txt

O61 - LFC:Last File Created 2/04/2010 - 22:14:36 ---A- C:\Documents And Settings\will\Bureau\51723-MB.exe

O61 - LFC:Last File Created 2/04/2010 - 22:16:42 -SHA- C:\Documents And Settings\will\Local Settings\Historique\History.IE5\MSHist012010040220100403\index.dat

O61 - LFC:Last File Created 2/04/2010 - 22:16:58 ---A- C:\Documents And Settings\will\Bureau\OTM.exe

O61 - LFC:Last File Created 2/04/2010 - 2:30:36 ---A- C:\Documents And Settings\Default User\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 2/04/2010 - 2:30:36 -SHA- C:\Documents And Settings\Default User\Cookies\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:07:54 -SH-- C:\Documents And Settings\will\ntuser.ini

O61 - LFC:Last File Created 3/04/2010 - 23:10:12 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini

O61 - LFC:Last File Created 3/04/2010 - 23:10:12 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini

O61 - LFC:Last File Created 3/04/2010 - 23:10:22 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:10:22 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:10:22 -SH-- C:\Documents And Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 3/04/2010 - 23:10:24 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:10:24 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:10:24 -SHA- C:\Documents And Settings\NetworkService\IETldCache\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:10:36 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\schema.ini

O61 - LFC:Last File Created 3/04/2010 - 23:11:08 -SHA- C:\Documents And Settings\will\Application Data\Microsoft\Credentials\S-1-5-21-3390237254-3470469722-1054105476-1005\Credentials

O61 - LFC:Last File Created 3/04/2010 - 23:11:08 -SHA- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3390237254-3470469722-1054105476-1005\Credentials

O61 - LFC:Last File Created 3/04/2010 - 23:11:08 -SHA- C:\Documents And Settings\will\Local Settings\desktop.ini

O61 - LFC:Last File Created 3/04/2010 - 23:11:54 -SH-- C:\Documents And Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 3/04/2010 - 23:11:54 -SH-- C:\Documents And Settings\will\Local Settings\Temporary Internet Files\desktop.ini

O61 - LFC:Last File Created 3/04/2010 - 23:13:24 ---A- C:\Documents And Settings\will\Bureau\04032010_000721pear.log

O61 - LFC:Last File Created 3/04/2010 - 23:14:04 ---A- C:\Documents And Settings\will\Local Settings\temp\is-63KNM.tmp\_isetup\_RegDLL.tmp

O61 - LFC:Last File Created 3/04/2010 - 23:14:04 ---A- C:\Documents And Settings\will\Local Settings\temp\is-63KNM.tmp\_isetup\_shfoldr.dll

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\nircmd.chm

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\nircmd.rkexe

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\nircmdc.rkexe

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\pev.rkexe

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\rkill.bat

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\rkill.reg

O61 - LFC:Last File Created 3/04/2010 - 23:15:06 ---A- C:\Documents And Settings\will\Local Settings\temp\3.tmp\sed.rkexe

O61 - LFC:Last File Created 3/04/2010 - 23:15:12 -SHA- C:\Documents And Settings\will\Local Settings\Historique\History.IE5\MSHist012010040320100404\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:15:12 -SHA- C:\Documents And Settings\will\Local Settings\Historique\History.IE5\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:15:50 ---A- C:\Documents And Settings\will\Recent\ACER ©.lnk

O61 - LFC:Last File Created 3/04/2010 - 23:15:50 ---A- C:\Documents And Settings\will\Recent\rkill0304.log.lnk

O61 - LFC:Last File Created 3/04/2010 - 23:16:06 ---A- C:\Documents And Settings\will\Local Settings\temp\is-PG32J.tmp\_isetup\_RegDLL.tmp

O61 - LFC:Last File Created 3/04/2010 - 23:16:06 ---A- C:\Documents And Settings\will\Local Settings\temp\is-PG32J.tmp\_isetup\_shfoldr.dll

O61 - LFC:Last File Created 3/04/2010 - 23:16:38 ---A- C:\Documents And Settings\will\Local Settings\temp\jusched.log

O61 - LFC:Last File Created 3/04/2010 - 23:18:44 -SHA- C:\Documents And Settings\will\Cookies\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:18:44 -SHA- C:\Documents And Settings\will\IECompatCache\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:18:44 -SHA- C:\Documents And Settings\will\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:18:44 -SHA- C:\Documents And Settings\will\PrivacIE\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:18:52 ---A- C:\Documents And Settings\will\Cookies\will@c.live[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:18:52 ---A- C:\Documents And Settings\will\Cookies\will@c.msn[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:18:52 ---A- C:\Documents And Settings\will\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat

O61 - LFC:Last File Created 3/04/2010 - 23:19:00 ---A- C:\Documents And Settings\will\Cookies\will@google[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:19:24 ---A- C:\Documents And Settings\will\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn5.specificclick.net\settings.sol

O61 - LFC:Last File Created 3/04/2010 - 23:19:24 ---A- C:\Documents And Settings\will\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol

O61 - LFC:Last File Created 3/04/2010 - 23:19:24 ---A- C:\Documents And Settings\will\Cookies\will@xiti[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:19:26 ---A- C:\Documents And Settings\will\Cookies\will@atdmt[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:19:30 ---A- C:\Documents And Settings\will\Cookies\will@adviva[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:19:44 ---A- C:\Documents And Settings\will\Application Data\Macromedia\Flash Player\#SharedObjects\LKAR5A93\cdn5.specificclick.net\img\gu.sol

O61 - LFC:Last File Created 3/04/2010 - 23:19:44 ---A- C:\Documents And Settings\will\Cookies\will@doubleclick[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:19:46 ---A- C:\Documents And Settings\will\Favoris\Zebulon.fr Le site de l'optimisation PC et Windows.url

O61 - LFC:Last File Created 3/04/2010 - 23:20:44 -SHA- C:\Documents And Settings\will\IETldCache\index.dat

O61 - LFC:Last File Created 3/04/2010 - 23:20:46 ---A- C:\Documents And Settings\will\Cookies\will@www.dhnet[1].txt

O61 - LFC:Last File Created 3/04/2010 - 23:20:52 ---A- C:\Documents And Settings\will\Cookies\will@imageshack[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:21:30 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\thumbnails\00000004.png

O61 - LFC:Last File Created 3/04/2010 - 23:21:30 ---A- C:\Documents And Settings\will\Local Settings\Application Data\Google\Toolbar History\urls\00000004

O61 - LFC:Last File Created 3/04/2010 - 23:22:28 ---A- C:\Documents And Settings\will\Cookies\will@specificclick[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:22:30 ---A- C:\Documents And Settings\will\Cookies\will@a2dfp[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:22:30 ---A- C:\Documents And Settings\will\Cookies\will@cdn5.specificclick[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:22:30 ---A- C:\Documents And Settings\will\Cookies\will@forum.zebulon[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:22:30 ---A- C:\Documents And Settings\will\Cookies\will@fr.a2dfp[2].txt

O61 - LFC:Last File Created 3/04/2010 - 23:22:30 ---A- C:\Documents And Settings\will\Cookies\will@zebulon[3].txt

O61 - LFC:Last File Created 3/04/2010 - 23:30:52 ---A- C:\Documents And Settings\will\Recent\04032010_000721pear.log.lnk

O61 - LFC:Last File Created 31/03/2010 - 0:28:40 ---A- C:\Documents And Settings\will\Application Data\Microsoft\Windows\Themes\Custom.theme

O61 - LFC:Last File Created 31/03/2010 - 11:24:02 R--A- C:\Documents And Settings\will\Bureau\will.exe

O61 - LFC:Last File Created 31/03/2010 - 13:38:58 ---A- C:\Documents And Settings\will\Bureau\Load_tdsskiller.exe

O61 - LFC:Last File Created 31/03/2010 - 13:39:56 ---A- C:\Documents And Settings\will\Bureau\rkill.com

O61 - LFC:Last File Created 31/03/2010 - 19:13:20 ---A- C:\Documents And Settings\will\Bureau\356VT.txt

O61 - LFC:Last File Created 31/03/2010 - 19:15:46 ---A- C:\Documents And Settings\will\Bureau\Win32kDiag.exe

O61 - LFC:Last File Created 31/03/2010 - 19:18:00 ---A- C:\Documents And Settings\will\Bureau\Win32kDiag.txt

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)

O63 - Logiciel: OTM - (OldTimer)

O63 - Logiciel: RSIT - (random/random)

O63 - Logiciel: UsbFix - (El Desaparecido)

O63 - Logiciel: Win32kDiag - (Pas de propriétaire)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.5.3.0 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP

O64 - Services: CurCS - C:\Acer\eManager\anbmServ.exe - Notebook Manager Service (anbmService) .(.OSA Technologies Inc. - Service Program for Acer eManager.) - LEGACY_ANBMSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Ati2evxx.exe - Ati HotKey Poller (Ati HotKey Poller) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATI_HOTKEY_POLLER

O64 - Services: CurCS - (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME

O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\epm-psd.sys - Acer EPM Power Scheme Driver (EpmPsd) .(.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) - LEGACY_EPMPSD

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\epm-shd.sys - Acer EPM System Hardware Driver (EpmShd) .(.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) - LEGACY_EPMSHD

O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC

O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - (.not file.) - klmd21 (klmd21) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMD21

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys - mdmxsdk (mdmxsdk) .(.Conexant - Diagnostic Interface DRIVER.) - LEGACY_MDMXSDK

O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - (.not file.) - pavdrv (pavdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVDRV

O64 - Services: CurCS - (.not file.) - Panda Process Protection Driver (PavProc) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVPROC

O64 - Services: CurCS - (.not file.) - Panda Process Protection Service (PavPrSrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVPRSRV

O64 - Services: CurCS - (.not file.) - Panda anti-virus service (PAVSRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVSRV

O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP113

O64 - Services: CurCS - (.not file.) - Panda IManager Service (PSIMSVC) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSIMSVC

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - (.not file.) - Panda File Shield Driver (ShldDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SHLDDRV

O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=1008 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Installer\854d.msi (.not file.)

O66 - EventLog: ID=1008 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Installer\8556.msi (.not file.)

O66 - EventLog: ID=1508 (Userenv) - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\will\ntuser.dat"}; (.not file.)

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

 

 

 

End of the scan (768 lines in 07mn 28s)

 

There you go. For completeness, I should tell you that I had not thought to unplug the cable from my network card.

Hang in there, you will catch it.

Posted

Hello,

You are infected with a stubborn Delf.

The console is installed on your system.

 

 

Before using the Recovery Console:

Install the Set command and disable the password prompt.

Copy/paste the following into Notepad,

with no blank line at the beginning.

Save it on the desktop as regis.reg.

Right-click the file -> Merge

Accept the change to the Registry:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]

"SetCommand"=dword:00000001

"SecurityLevel"=dword:00000001

Reboot.

You will have 2 seconds to click on the console instead of XP.

Using the console

When the prompt for %SystemRoot% (usually C:\Windows) appears, you can start typing the appropriate commands to diagnose and repair your installation.

Windows asks you which system to start.

Press the Num Lock key to enable the numeric keypad.

Usually, you type 1 to reach the C:\Windows> prompt.

You end up here:

C:\WINDOWS>

First, type the Set command in the console.

These commands will appear:

* AllowWildCards = FALSE

* AllowAllPaths = FALSE

* AllowRemovableMedia = FALSE

* NoCopyPrompt = FALSE

* So you cannot use command extensions (for example Del for Delete): "Le paramètre n'est pas valide. Essayez le commutateur /? Pour obtenir de l'aide."

* You cannot browse the directory trees of your hard disk: "Accès refusé".

* You cannot access removable drives such as a floppy drive.

* You cannot copy files or folders.

Then type the following, confirming each command with the Enter key:

* set allowwildcards = true

* Set allowallpaths = true

* Set allowremovablemedia = true

* Set NoCopyPrompt = true

 

Repairing a damaged system file

Type in succession

cd c:\

cd windows

cd system32

del C:\WINDOWS\system32\fdbbcebe.dll

 

Reboot

Run Combofix again.

Posted

Hello Pear,

That would have been too good to be true.

I did the regis.reg operation.

On reboot, I use the arrow key to move to the Recovery Console (installed by Combofix), and when I press Enter as asked, it jumps back to Windows XP, boots, and takes me to my password.

Questions: should I uninstall and reinstall the console? (there have been a lot of updates since!)

Can't I remove my password through account management?

I have probably said one or two computing howlers above, but there it is: my console won't start.

Looking forward to your reply, have a good day.

Posted (edited)

The purpose of the .reg was precisely to avoid the password prompt.

I don't understand why it isn't working.

But there is something more urgent:

Drop that and do this:

Download Catchme to the desktop and nowhere else!

To use catchme you must disable your antivirus, which may detect catchme as malware.

* Double-click catchme.exe (the .exe may not be visible) to launch it.

Select the Script tab at the top and copy/paste the content below, in green, then click Run

files to kill:

c:\windows\system32\fdbbcebe.dll

A catchme.log report appears on the desktop; copy/paste its contents.

1270295208-sans-titre.jpg

Then, again in catchme's Script tab, copy/paste the content below, in green, and click Run

files to delete:

c:\windows\system32\fdbbcebe.dll

 

Copy/paste the catchme.log report found on the desktop

Next, a .reg to fix the registry

Right-click an empty area of the desktop -> New -> Text Document

Copy/paste the following, in green

Windows Registry Editor Version 5.00

 

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fdbbcebe]

with no blank line at the beginning, but one at the end

File -> Save As...

Click Desktop on the left

In Save as type -> All Files

In File name -> fix.reg.

Go to the desktop

Your file looks like this: 41657210ty9.jpg

Right-click the file -> Merge

Accept the change to the Registry:

68996123zw0.jpg

If you cannot merge, or you get a message along the lines of "is not a valid registry file",

it is because you made a mistake.

The most common ones:

There must be a blank line after Windows Registry Editor but not before it

The file must be named regis.reg and not regis.reg.txt

There must be a blank line after the text in green

In the Type box you must choose "All Files"

Edited by pear
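
The common .reg mistakes listed in the post above, and what each of the thread's two .reg files would change, can be checked before merging. This is an added example, not part of the original posts: `check_reg` is a hypothetical helper, the sample texts are constructed from the two .reg bodies quoted in the thread, and "a blank line at the end" is assumed to mean that the file ends with a line break.

```python
import re

HEADER = "Windows Registry Editor Version 5.00"
KEY_RE = re.compile(r"^\[(-?)(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')
DWORD_RE = re.compile(r"^dword:([0-9a-fA-F]{1,8})$")

# Constructed from the two .reg bodies quoted in the thread.
RC_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole"
NOTIFY_KEY = r"HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fdbbcebe"
REGIS_REG = (HEADER + "\n\n[" + RC_KEY + "]\n"
             '"SetCommand"=dword:00000001\n"SecurityLevel"=dword:00000001\n')
FIX_REG = HEADER + "\n\n[-" + NOTIFY_KEY + "]\n"
# Constructed bad save: .txt suffix, leading blank line, no blank line after
# the header, no final line break.
BAD_REG = "\n" + HEADER + "\n[-" + NOTIFY_KEY + "]"


def check_reg(filename, text):
    """Lint a .reg file and list what merging it would change.

    Returns (problems, operations). Read-only: no registry is touched.
    """
    problems, ops = [], []
    if not filename.lower().endswith(".reg"):
        problems.append("name must end in .reg, not .reg.txt")
    text = text.lstrip("\ufeff").replace("\r\n", "\n")
    if not text.endswith("\n"):
        problems.append("no blank line at the end")
    lines = text.split("\n")
    first = next((i for i, l in enumerate(lines) if l.strip()), None)
    if first is None or lines[first].strip() != HEADER:
        problems.append("header line is missing")
        return problems, ops
    if first > 0:
        problems.append("blank line before the header")
    if first + 1 < len(lines) and lines[first + 1].strip():
        problems.append("no blank line after the header")
    key = None
    for raw in lines[first + 1:]:
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank lines and comments change nothing
        m = KEY_RE.match(line)
        if m:
            if m.group(1):  # "[-KEY]" removes the key and all its subkeys
                ops.append(("delete-key", m.group(2)))
                key = None
            else:
                key = m.group(2)
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            problems.append("unexpected line: " + line)
            continue
        name = "@" if m.group(1) == "@" else m.group(1)[1:-1]
        data = m.group(2).strip()
        dword = DWORD_RE.match(data)
        if data == "-":
            ops.append(("delete-value", key, name))
        elif dword:
            ops.append(("set-dword", key, name, int(dword.group(1), 16)))
        else:
            ops.append(("set-other", key, name, data))
    return problems, ops


if __name__ == "__main__":
    for fname, body in [("regis.reg", REGIS_REG), ("fix.reg", FIX_REG),
                        ("fix.reg.txt", BAD_REG)]:
        print(fname, check_reg(fname, body))
```
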
