
Posted

Hello, for some time now my computer has been getting blue screens. I wonder whether I might be infected, or whether it is simply caused by Avast. Here is the info:

 

windows version: Windows XP Service Pack 3, 5.1, build: 2600

windows dir: C:\WINDOWS

CPU: GenuineIntel Intel® Pentium® Dual CPU E2180 @ 2.00GHz Intel586, level: 6

2 logical processors, active mask: 3

RAM: 2138288128 total

VM: 2147352576, free: 2041716736

 

 

 

--------------------------------------------------------------------------------

Crash Dump Analysis

--------------------------------------------------------------------------------

 

Crash dump directory: C:\WINDOWS\Minidump

 

Crash dumps are enabled on your computer.

 

 

On Wed 2011-06-15 02:19:10 GMT your computer crashed

crash dump file: C:\WINDOWS\Minidump\Mini061411-01.dmp

This was probably caused by the following module: ntoskrnl.exe (nt+0x11708)

Bugcheck code: 0x10000050 (0xFFFFFFFFE56C6A86, 0x0, 0xFFFFFFFF804E8708, 0x2)

Error: CUSTOM_ERROR

file path: C:\WINDOWS\system32\ntoskrnl.exe

product: Système d'exploitation Microsoft® Windows®

company: Microsoft Corporation

description: Noyau et système NT

The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

 

 

On Tue 2011-06-14 03:04:55 GMT your computer crashed

crash dump file: C:\WINDOWS\Minidump\Mini061311-01.dmp

This was probably caused by the following module: aswsp.sys (aswSP+0x1F4DB)

Bugcheck code: 0x24 (0x1902FE, 0xFFFFFFFFA92070AC, 0xFFFFFFFFA9206DA8, 0xFFFFFFFF804E1DC2)

Error: NTFS_FILE_SYSTEM

file path: C:\WINDOWS\system32\drivers\aswsp.sys

product: avast! Antivirus System

company: AVAST Software

description: avast! self protection module

Bug check description: This indicates a problem occurred in the NTFS file system.

A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswsp.sys (avast! self protection module, AVAST Software).

Google query: aswsp.sys AVAST Software NTFS_FILE_SYSTEM

 

 

 

 

On Sat 2011-06-11 13:53:37 GMT your computer crashed

crash dump file: C:\WINDOWS\Minidump\Mini061111-01.dmp

This was probably caused by the following module: win32k.sys (win32k+0x3AC39)

Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBF83AC39, 0xFFFFFFFFA7C76A50, 0x0)

Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M

file path: C:\WINDOWS\system32\win32k.sys

product: Système d'exploitation Microsoft® Windows®

company: Microsoft Corporation

description: Pilote Win32 multi-utilisateurs

Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.

This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.

The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time.

 

 

On Fri 2011-06-10 02:10:27 GMT your computer crashed

crash dump file: C:\WINDOWS\Minidump\Mini060911-01.dmp

This was probably caused by the following module: aswsp.sys (aswSP+0x1F4DB)

Bugcheck code: 0x1000000A (0xFFFFFFFF98D5863C, 0x2, 0x1, 0xFFFFFFFF804F5528)

Error: CUSTOM_ERROR

file path: C:\WINDOWS\system32\drivers\aswsp.sys

product: avast! Antivirus System

company: AVAST Software

description: avast! self protection module

A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswsp.sys (avast! self protection module, AVAST Software).

Google query: aswsp.sys AVAST Software CUSTOM_ERROR

 

 

 

 

 

--------------------------------------------------------------------------------

Conclusion

--------------------------------------------------------------------------------

 

4 crash dumps have been found and analyzed. 2 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

 

aswsp.sys (avast! self protection module, AVAST Software)

Posted

ZHPDiag report:

 

Rapport de ZHPDiag v1.27.2302 par Nicolas Coolman, Update du 14/06/2011

Run by Famille at 2011-06-15 06:06:38

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

MFIE: Mozilla Firefox v3.5.17 (fr)

 

---\\ System Information

Windows XP Professional Service Pack 3 (Build 2600)

Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2039 MB (76% free)

System Restore: Activé (Enable)

System drive C: has 82 GB (83%) free of 98 GB

 

---\\ Logged in mode

Computer Name: FAMILLE-7222204

User Name: Famille

All Users Names: SUPPORT_388945a0, HelpAssistant, Famille, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Documents and Settings\Famille\Application Data

%LocalAppData%=C:\Documents and Settings\Famille\Local Settings\Application Data

%StartMenu%=C:\Documents and Settings\Famille\Menu Démarrer

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 98 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 37 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 339 Go of 368 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.2008-04-13 21:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.77C66BD5CED4E555919A5FB713322CDD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.2011-02-22 18:05:48.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.2008-04-13 21:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.2008-04-13 13:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.2008-04-13 14:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

 

 

 

---\\ Processus lancés

[MD5.7DE3EE7DBEE14C1F8375CB82466C9321] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184]

[MD5.7525DC67273A454AE9FED492382B9460] - (.Lexmark International, Inc. - LexBce Service.) -- C:\WINDOWS\system32\LEXBCES.EXE [303104]

[MD5.F2683B52D9A8FFCCE312032752FFB683] - (.Lexmark International, Inc. - LEXPPS.EXE.) -- C:\WINDOWS\system32\LEXPPS.EXE [174592]

[MD5.CD41EFC0903DEB7CCD809C0237706EAB] - (.IDT, Inc. - STacSV Module.) -- c:\program files\idt\ecsxpv_5902_012208\wdm\STacSV.exe [221239]

[MD5.9F6B6D0BE4F77F8693E9FD15D81C8A01] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [141848]

[MD5.4C53C44E7C20E65445037954DC3A6BA4] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [166424]

[MD5.D8F3B455D3FA4B40C9BF544F55647C19] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [137752]

[MD5.FDAD381A3BC7C25278A1F03DE44400AE] - (.IDT, Inc. - IDT Audio system tray application.) -- C:\Program Files\IDT\WDM\sttray.exe [442433]

[MD5.4C6898F15701AE7C41775C14E423FE25] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [3459712]

[MD5.01E411129FADE452B257D6DE16DA643E] - (.Lexmark International, Inc. - Lexmark X6100 Series Button Manager.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe [57344]

[MD5.F56197D5CBDCC6A87C242DC8B8EEEE34] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536]

[MD5.695CF43FCAC09ECDDA0D7D048BB6311F] - (.Lexmark International, Inc. - Lexmark X6100 Series Button Monitor.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe [49152]

[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872]

[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]

[MD5.1D9C196D71449C3D6A116BEA6642269F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [659968]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Documents and Settings\Famille\Application Data\Mozilla\Firefox\Profiles\6up4saml.default\prefs.js

M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

M0 - MFSP: prefs.js [Famille - 6up4saml.default] MSN : Hotmail, Messenger, Bing, Actualité et Sport

M2 - MFEP: prefs.js [Famille - 6up4saml.default\{73a6fe31-595d-460b-a920-fcc0f8843232}] [noscript] NoScript v2.1.1 (.Giorgio Maone.)

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKUS\S-1-5-21-861567501-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-861567501-1647877149-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19048 (longhorn_ie8_gdr.110221-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT Audio system tray application.) -- C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe

O4 - HKLM\..\Run: [Lexmark X6100 Series] . (.Lexmark International, Inc. - Lexmark X6100 Series Button Manager.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe

O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline

O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-861567501-1647877149-839522115-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\Famille\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\Famille\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\Famille\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\Famille\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307052412743

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307498339203

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{3575AD77-4127-4D54-BAEC-0DEBF6D88931}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{3575AD77-4127-4D54-BAEC-0DEBF6D88931}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{3575AD77-4127-4D54-BAEC-0DEBF6D88931}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{3575AD77-4127-4D54-BAEC-0DEBF6D88931}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: (LexBceS) . (.Lexmark International, Inc. - LexBce Service.) - C:\WINDOWS\system32\LEXBCES.exe

O23 - Service: (maconfservice) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: (STacSV) . (.IDT, Inc. - STacSV Module.) - c:\program files\idt\ecsxpv_5902_012208\wdm\STacSV.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9.4.4 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399

O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: Lexmark X6100 Series - (.Pas de propriétaire.) [HKLM] -- Lexmark X6100 Series

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {7DB4CB30-B94A-4282-AC8A-C86F615AA45B}

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISER

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-0030-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Mozilla Firefox (3.5.17) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.5.17)

O42 - Logiciel: Nero 6 Enterprise Edition - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PatchBeam v1.10 - (.ConeXware, Inc..) [HKLM] -- PatchBeam_is1

O42 - Logiciel: PowerArchiver 2010 - (.ConeXware, Inc..) [HKLM] -- {B1F07F56-8C1F-410F-B1DD-062FDAFCF688}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{797AE457-BA17-4BBC-B501-25FB3A0103C7}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: WhoCrashed 3.01 - (.Resplendence Software Projects Sp..) [HKLM] -- WhoCrashed_is1

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service

O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\Classes]

[HKCU\Software\ConeXware]

[HKCU\Software\ESET]

[HKCU\Software\IDT]

[HKCU\Software\IM Providers]

[HKCU\Software\Install]

[HKCU\Software\Intel]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\PPM]

[HKCU\Software\Policies]

[HKCU\Software\PowerArchiverInt]

[HKCU\Software\Resplendence Sp]

[HKCU\Software\cybelsoft]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Caphyon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Eset]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\IDT]

[HKLM\Software\Intel]

[HKLM\Software\Lexmark]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\ODBC]

[HKLM\Software\Policies]

[HKLM\Software\PowerArchiverInt]

[HKLM\Software\Program Groups]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\VideoLAN]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\cybelsoft]

[HKLM\Software\mozilla.org]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 2011-06-04 - 21:43:10 - [162859326] ----D- C:\Program Files\Adobe

O43 - CFD: 2011-06-02 - 21:18:02 - [84344740] ----D- C:\Program Files\Ahead

O43 - CFD: 2011-06-02 - 17:59:44 - [161565522] ----D- C:\Program Files\AVAST Software

O43 - CFD: 2011-06-02 - 17:34:50 - [0] ----D- C:\Program Files\ComPlus Applications

O43 - CFD: 2011-06-11 - 10:03:12 - [142975628] ----D- C:\Program Files\ESET

O43 - CFD: 2011-06-02 - 21:18:00 - [338411688] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 2011-06-02 - 17:57:44 - [68364307] ----D- C:\Program Files\IDT

O43 - CFD: 2011-06-02 - 17:56:44 - [3110893] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 2011-06-02 - 17:46:24 - [64867] ----D- C:\Program Files\Intel

O43 - CFD: 2011-06-02 - 20:31:22 - [4485152] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 2011-06-02 - 21:01:04 - [49953990] ----D- C:\Program Files\Lexmark X6100 Series

O43 - CFD: 2011-06-13 - 23:11:44 - [6093848] ----D- C:\Program Files\ma-config.com

O43 - CFD: 2011-06-04 - 06:50:44 - [7566970] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 2011-06-02 - 18:40:00 - [2152579] ----D- C:\Program Files\Messenger

O43 - CFD: 2011-06-02 - 20:52:02 - [226432] ----D- C:\Program Files\Microsoft

O43 - CFD: 2011-06-02 - 17:37:34 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 2011-06-02 - 20:57:46 - [291982044] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 2011-06-02 - 20:57:42 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 2011-06-02 - 20:57:54 - [3178824] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 2011-06-02 - 20:19:40 - [10374874] ----D- C:\Program Files\Movie Maker

O43 - CFD: 2011-06-14 - 22:59:52 - [28282032] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 2011-06-05 - 21:51:06 - [19278399] ----D- C:\Program Files\MSN

O43 - CFD: 2011-06-02 - 17:34:30 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 2011-06-02 - 18:22:24 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 2011-06-02 - 17:34:38 - [1804] ----D- C:\Program Files\Online Services

O43 - CFD: 2011-06-02 - 20:31:24 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 2011-06-02 - 20:59:34 - [2225472] ----D- C:\Program Files\PatchBeam

O43 - CFD: 2011-06-14 - 22:56:28 - [38770972] ----D- C:\Program Files\PowerArchiver

O43 - CFD: 2011-06-02 - 17:36:26 - [1025] ----D- C:\Program Files\Services en ligne

O43 - CFD: 2011-06-02 - 17:44:40 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2011-06-02 - 20:33:18 - [74466874] ----D- C:\Program Files\VideoLAN

O43 - CFD: 2011-06-14 - 22:57:06 - [49014615] ----D- C:\Program Files\WhoCrashed

O43 - CFD: 2011-06-02 - 20:51:56 - [45806173] ----D- C:\Program Files\Windows Live

O43 - CFD: 2011-06-02 - 20:51:46 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 2011-06-02 - 18:39:24 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 2011-06-02 - 18:39:22 - [8573658] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 2011-06-02 - 18:22:22 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 2011-06-02 - 17:36:28 - [0] --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 2011-06-02 - 17:37:34 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 2011-06-15 - 06:06:42 - [3900517] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 2011-06-04 - 21:43:18 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 2011-06-02 - 21:18:00 - [15413512] ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD: 2011-06-02 - 20:57:42 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD: 2011-06-02 - 17:45:38 - [3761613] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 2011-06-09 - 21:36:14 - [233524739] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 2011-06-02 - 17:35:44 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 2011-06-02 - 13:28:42 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 2011-06-02 - 17:35:48 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 2011-06-02 - 13:28:40 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 2011-06-02 - 18:22:20 - [41112916] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 2011-06-02 - 20:47:16 - [34145223] ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 2011-06-04 - 06:52:52 - [84489] ----D- C:\Documents and Settings\Famille\Application Data\Adobe

O43 - CFD: 2011-06-14 - 21:27:06 - [199] ----D- C:\Documents and Settings\Famille\Application Data\dvdcss

O43 - CFD: 2011-06-02 - 17:44:42 - [0] ----D- C:\Documents and Settings\Famille\Application Data\Identities

O43 - CFD: 2011-06-02 - 21:07:24 - [470] ----D- C:\Documents and Settings\Famille\Application Data\Macromedia

O43 - CFD: 2011-06-04 - 06:50:46 - [13771] ----D- C:\Documents and Settings\Famille\Application Data\Malwarebytes

O43 - CFD: 2011-06-09 - 22:17:06 - [2266337] -S--D- C:\Documents and Settings\Famille\Application Data\Microsoft

O43 - CFD: 2011-06-02 - 20:42:56 - [3146503] ----D- C:\Documents and Settings\Famille\Application Data\Mozilla

O43 - CFD: 2011-06-05 - 21:51:06 - [327] ----D- C:\Documents and Settings\Famille\Application Data\MSNInstaller

O43 - CFD: 2011-06-14 - 22:42:52 - [475171] ----D- C:\Documents and Settings\Famille\Application Data\vlc

O43 - CFD: 2011-06-04 - 21:42:58 - [104325] ----D- C:\Documents and Settings\Famille\Local Settings\Application Data\Adobe

O43 - CFD: 2011-06-02 - 21:19:24 - [1950597] ----D- C:\Documents and Settings\Famille\Local Settings\Application Data\Ahead

O43 - CFD: 2011-06-02 - 20:13:56 - [20346872] ----D- C:\Documents and Settings\Famille\Local Settings\Application Data\Identities

O43 - CFD: 2011-06-11 - 09:52:20 - [170599691] ----D- C:\Documents and Settings\Famille\Local Settings\Application Data\Microsoft

O43 - CFD: 2011-06-02 - 20:55:16 - [0] ----D- C:\Documents and Settings\Famille\Local Settings\Application Data\Microsoft Help

O43 - CFD: 2011-06-02 - 20:42:50 - [95370684] ----D- C:\Documents and Settings\Famille\Local Settings\Application Data\Mozilla

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.0057B5154AC16C08B0B23E7162EDA661] - 2001-01-19 - 10:50:20 ---A- . (...) -- C:\WINDOWS\System32\INSTMON.EXE [40960]

O44 - LFC:[MD5.5094AB1E97AA07CFB0273B37B4F99887] - 2002-06-26 - 07:26:34 ---A- . (...) -- C:\WINDOWS\System32\LXBFMA.CNT [249]

O44 - LFC:[MD5.D1B4A1FABE2DC65CA8170697E5BDB625] - 2002-09-04 - 09:42:38 ---A- . (...) -- C:\WINDOWS\System32\lxbfcoin.ini [188]

O44 - LFC:[MD5.9C918CA9278FE7B3A94451577C7DFDA5] - 2002-09-30 - 11:43:24 ---A- . (...) -- C:\WINDOWS\System32\LXBFLPA.CNT [19]

O44 - LFC:[MD5.C0CC3CADF562952665625FC11FBCBF1E] - 2002-11-13 - 10:40:22 ---A- . (...) -- C:\WINDOWS\System32\lxbfvs.dll [40960]

O44 - LFC:[MD5.36C471CB7205F624942301558BEAC370] - 2003-01-24 - 08:17:22 ---A- . (...) -- C:\WINDOWS\System32\LXBF.LOC [447]

O44 - LFC:[MD5.250BC2D81E03E7324236C241EC1D5229] - 2003-01-27 - 13:24:00 ---A- . (...) -- C:\WINDOWS\System32\LXBFDRV.HLP [508466]

O44 - LFC:[MD5.1855F234688D1A1D5F4AB1DE0B7C0CF0] - 2003-01-27 - 13:24:10 ---A- . (...) -- C:\WINDOWS\System32\LXBFLPA.HLP [1551472]

O44 - LFC:[MD5.9097311250469E8E67C0136BF2C7965D] - 2003-01-27 - 13:41:58 ---A- . (...) -- C:\WINDOWS\System32\LXBFDRV.CNT [2495]

O44 - LFC:[MD5.D62FAB49DEACF0071CF2B1BADAA09184] - 2003-04-21 - 00:36:02 ---A- . (...) -- C:\WINDOWS\System32\LXBFLCNP.DLL [77824]

O44 - LFC:[MD5.16D0C1F6B343737DD8EE9825B4DBA5C8] - 2003-04-21 - 00:45:32 ---A- . (...) -- C:\WINDOWS\System32\LXBFIH.EXE [86016]

O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Bulles de savon.bmp [65978]

O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Granit vert.bmp [26582]

O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Jour de pêche.bmp [17336]

O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Mur de Santa Fe.bmp [65832]

O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Plume.bmp [16730]

O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Rhododendron.bmp [17362]

O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Rivière Sumida.bmp [26680]

O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Rosace bleue 16.bmp [1272]

O44 - LFC:[MD5.F08DBD8C48A168818A3DFC28929EE6B5] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\AUTOEXEC.NT [1896]

O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\C_28594.NLS [66082]

O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\C_28595.NLS [66082]

O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\C_28597.NLS [66082]

O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\bopomofo.uce [22984]

O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10006.nls [66082]

O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10007.nls [66082]

O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10010.nls [66082]

O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10017.nls [66082]

O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10029.nls [66082]

O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10081.nls [66082]

O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_10082.nls [66082]

O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_20127.nls [66082]

O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_28599.nls [66082]

O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_28603.nls [66082]

O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_737.nls [66594]

O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_852.nls [66594]

O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_855.nls [66594]

O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_857.nls [66594]

O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_866.nls [66594]

O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_869.nls [66594]

O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\c_875.nls [66082]

O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\desktop.ini [2]

O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\gb2312.uce [24006]

O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\ideograf.uce [60458]

O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\kanji_1.uce [6948]

O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\kanji_2.uce [8484]

O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\korean.uce [12876]

O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\msdtcprf.h [768]

O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\msdtcprf.ini [3914]

O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\shiftjis.uce [16740]

O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\subrange.uce [93702]

O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\tslabels.h [3286]

O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\tslabels.ini [27768]

O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\usrlogon.cmd [1263]

O44 - LFC:[MD5.2CE7B1EEB99C14032C0E2201B004F80E] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\System32\wmimgmt.msc [63488]

O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Tasse à café.bmp [17062]

O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Vent de prairie.bmp [65954]

O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\Zapotec.bmp [9522]

O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]

O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 2004-08-05 - 07:00:00 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [49102]

O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 2004-08-05 - 07:00:00 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [49102]

O44 - LFC:[MD5.38FE831D9C5BA480D5AFB8DE93AE6F4A] - 2004-08-05 - 07:00:00 R--A- . (...) -- C:\WINDOWS\SET3.tmp [1014836]

O44 - LFC:[MD5.5051529BF3627996CFE4A3B14AD67E78] - 2004-08-05 - 07:00:00 R--A- . (...) -- C:\WINDOWS\SET4.tmp [1086058]

O44 - LFC:[MD5.3E6967FEB3E18473D8C2627AA0C49AD3] - 2004-08-05 - 07:00:00 R--A- . (...) -- C:\WINDOWS\SET8.tmp [14043]

O44 - LFC:[MD5.7DEF9DFBDE081CAC48105CFCEC4F385C] - 2008-02-14 - 23:38:38 R--A- . (...) -- C:\WINDOWS\System32\igxpxk32.vp [2096]

O44 - LFC:[MD5.1C59745CF3A5F820D3E3854B95272263] - 2008-02-15 - 00:21:56 R--A- . (...) -- C:\WINDOWS\System32\igfxCoIn_v4926.dll [147456]

O44 - LFC:[MD5.5290ADD11755B7D6225DB00FE83DFBAF] - 2008-02-15 - 02:09:18 R--A- . (...) -- C:\WINDOWS\System32\igxpxs32.vp [27024]

O44 - LFC:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 2011-05-29 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712]

O44 - LFC:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 2011-05-29 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [39984]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-06-02 - 12:27:50 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]

O44 - LFC:[MD5.1E9B88D340481EDA7A9BF53A949E1F42] - 2011-06-02 - 12:28:27 ---A- . (.Digi International - DGSETUP DLL.) -- C:\WINDOWS\System32\dgsetup.dll [86044]

O44 - LFC:[MD5.7AE4CDB4AD25A08B711ECC5BE12EF3D7] - 2011-06-02 - 12:28:27 ---A- . (.Digi International, Inc. - Digi RealPort® Driver Upgrade.) -- C:\WINDOWS\System32\dgrpsetu.dll [176157]

O44 - LFC:[MD5.F899213C79DEE079DCE1EE730D82594F] - 2011-06-02 - 12:28:27 ---A- . (.Equinox Systems Inc. - Co-installeur série multiport Equinox.) -- C:\WINDOWS\System32\EqnClass.Dll [103424]

O44 - LFC:[MD5.FA511331A48B582A7D584FC2408E8C1A] - 2011-06-02 - 12:28:27 ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- C:\WINDOWS\System32\spxcoins.dll [24661]

O44 - LFC:[MD5.CCEE1200F915817C00ECFD7FA0EF1200] - 2011-06-02 - 12:30:51 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]

O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 2011-06-02 - 12:31:28 ---A- . (...) -- C:\WINDOWS\system.ini [231]

O44 - LFC:[MD5.9AD2A7938417A9E98DEE4552BDD8F760] - 2011-06-02 - 12:31:34 ---A- . (...) -- C:\WINDOWS\regopt.log [2756]

O44 - LFC:[MD5.CCEE1200F915817C00ECFD7FA0EF1200] - 2011-06-02 - 12:32:46 ---A- . (...) -- C:\WINDOWS\System32\h323log.txt [0]

O44 - LFC:[MD5.775E188DD15C9AC9E735A556FB95578E] - 2011-06-02 - 16:32:54 -SH-- . (...) -- C:\boot.ini [212]

O44 - LFC:[MD5.6A1D9675F87094A7FAB33A67A4C25F1C] - 2011-06-02 - 16:33:52 ---A- . (.Hilgraeve, Inc. - Bibliothèque d'applications HyperTerminal.) -- C:\WINDOWS\System32\hypertrm.dll [354304]

O44 - LFC:[MD5.520A03D1F113D251EFBFA00C164F2087] - 2011-06-02 - 16:34:21 ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- C:\WINDOWS\System32\hticons.dll [44544]

O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 2011-06-02 - 16:34:46 ---A- . (...) -- C:\WINDOWS\vb.ini [36]

O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 2011-06-02 - 16:34:46 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]

O44 - LFC:[MD5.40E14CA28CD64FD32E21A7B7D355AF2A] - 2011-06-02 - 16:34:55 ---A- . (...) -- C:\WINDOWS\System32\emptyregdb.dat [21892]

O44 - LFC:[MD5.71ECBA795A063026843F70F31EF02689] - 2011-06-02 - 16:35:24 ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- C:\WINDOWS\System32\isrdbg32.dll [32768]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2011-06-02 - 16:36:30 R-HA- . (...) -- C:\WINDOWS\System32\cdplayer.exe.manifest [749]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2011-06-02 - 16:36:30 R-HA- . (...) -- C:\WINDOWS\System32\ncpa.cpl.manifest [749]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2011-06-02 - 16:36:30 R-HA- . (...) -- C:\WINDOWS\System32\nwc.cpl.manifest [749]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2011-06-02 - 16:36:30 R-HA- . (...) -- C:\WINDOWS\System32\sapi.cpl.manifest [749]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2011-06-02 - 16:36:30 R-HA- . (...) -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [749]

O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2011-06-02 - 16:36:30 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]

O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 2011-06-02 - 16:36:34 R-HA- . (...) -- C:\WINDOWS\System32\WindowsLogon.manifest [488]

O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 2011-06-02 - 16:36:34 R-HA- . (...) -- C:\WINDOWS\System32\logonui.exe.manifest [488]

O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 2011-06-02 - 16:37:09 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-06-02 - 16:37:19 ---A- . (...) -- C:\AUTOEXEC.BAT [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-06-02 - 16:37:19 ---A- . (...) -- C:\CONFIG.SYS [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-06-02 - 16:37:19 ---A- . (...) -- C:\WINDOWS\control.ini [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-06-02 - 16:37:19 RSHA- . (...) -- C:\IO.SYS [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2011-06-02 - 16:37:19 RSHA- . (...) -- C:\MSDOS.SYS [0]

O44 - LFC:[MD5.E2252E9DA2BAE1C7D75128F5CF1151CD] - 2011-06-02 - 16:38:52 ---A- . (...) -- C:\WINDOWS\System32\$winnt$.inf [261]

O44 - LFC:[MD5.01BBB826457F0440B4C1CE2CE9218BB0] - 2011-06-02 - 16:39:46 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]

O44 - LFC:[MD5.C5BD32A70808DB0F8BC01CE80EEA2C3A] - 2011-06-02 - 16:45:06 R--A- . (.Windows ® Codename Longhorn DDK provider - Generic Port I/O.) -- C:\WINDOWS\System32\drivers\PortIo.sys [4864]

O44 - LFC:[MD5.E3F9DA68FE296EACBB2F4432351B481C] - 2011-06-02 - 16:46:22 ---A- . (.Windows XP Bundled build C-Centric Single U - CSVer.) -- C:\WINDOWS\System32\CSVer.dll [53248]

O44 - LFC:[MD5.30E256F9826B45FA21CBD662475C072D] - 2011-06-02 - 16:49:02 R--A- . (.Intel® Corporation - Intel® Graphics Media Accelerator Driver in.) -- C:\WINDOWS\System32\igxpun.exe [920088]

O44 - LFC:[MD5.CBAE8185F15210BE3F9E09F5BF14E94E] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - Component GHAL Driver.) -- C:\WINDOWS\System32\igxpdv32.dll [1670144]

O44 - LFC:[MD5.8BF96C13124872CC1054D7F8CC9F5A26] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - DirectDraw® Driver for Intel® Graphics.) -- C:\WINDOWS\System32\igxpdx32.dll [2643968]

O44 - LFC:[MD5.74DBB7ED3ABB6C9F0D8E1A2CCADDF4FB] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - Intel Graphics 2D Driver.) -- C:\WINDOWS\System32\igxpgd32.dll [151040]

O44 - LFC:[MD5.C1A0DEB3A8E701D53C7B25A7735B9CD2] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - Intel Graphics 2D Rotation Driver.) -- C:\WINDOWS\System32\igxprd32.dll [57344]

O44 - LFC:[MD5.48846B31BE5A4FA662CCFDE7A1BA86B9] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [5854752]

O44 - LFC:[MD5.192840362CF251B9998068E72FE990E5] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - OpenGL® Device Driver for Intel® Graphi.) -- C:\WINDOWS\System32\igldev32.dll [294912]

O44 - LFC:[MD5.A3C6A20071E69AAB1608281544366F4E] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - OpenGL® Driver for Intel® Graphics Acce.) -- C:\WINDOWS\System32\iglicd32.dll [2334720]

O44 - LFC:[MD5.9CCA783AC94DED99F23985142D5F3991] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - hccutils Module.) -- C:\WINDOWS\System32\hccutils.dll [102400]

O44 - LFC:[MD5.4C53C44E7C20E65445037954DC3A6BA4] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\System32\hkcmd.exe [166424]

O44 - LFC:[MD5.9F6B6D0BE4F77F8693E9FD15D81C8A01] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\System32\igfxtray.exe [141848]

O44 - LFC:[MD5.4EE592598068609D2A4C1DBE98B69E60] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxcfg Module.) -- C:\WINDOWS\System32\igfxcfg.exe [530968]

O44 - LFC:[MD5.6008B79D575F8D8510E03C521EF24F27] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxcpl Module.) -- C:\WINDOWS\System32\igfxcpl.cpl [122880]

O44 - LFC:[MD5.1180852DBFADAFC375DBBA1F6B23EEE7] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll [208896]

O44 - LFC:[MD5.6D07EBC2DADAD53232398C9B609989AD] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxdo Module.) -- C:\WINDOWS\System32\igfxdo.dll [135168]

O44 - LFC:[MD5.86459B513E33109A678AC452C7C695C6] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\System32\igfxexps.dll [24576]

O44 - LFC:[MD5.7C36AFFA39FF126EB483F289604EFCC1] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\System32\igfxext.exe [170520]

O44 - LFC:[MD5.94BC8EF4808BCDC0D3AD8F0F4FB92FD9] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxpph Module.) -- C:\WINDOWS\System32\igfxpph.dll [204800]

O44 - LFC:[MD5.C99F84346380334E0DCCC74637327944] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrara.lrc [159744]

O44 - LFC:[MD5.8C04CDD56E7B1957D6087A524620ADDE] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrchs.lrc [110592]

O44 - LFC:[MD5.AA00E1F166DC7FDD6C74D08DE6DE36BB] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrcht.lrc [110592]

O44 - LFC:[MD5.10B0CAF7EA76B952AE354FBB974ECEE1] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrcsy.lrc [176128]

O44 - LFC:[MD5.EA0EFE4BB13CE0BE0F81A0E13BD34F6B] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrdan.lrc [172032]

O44 - LFC:[MD5.DDDF48C2E584F125335CA9107AD68F6F] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrdeu.lrc [192512]

O44 - LFC:[MD5.868275D229802CE8B1B9538EDBD6BBB9] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrell.lrc [192512]

O44 - LFC:[MD5.8C83E643E864F4CCBDAA851D12564924] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrenu.lrc [172032]

O44 - LFC:[MD5.3324AA2DE207BAF0C3141F1C94C6783C] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxresp.lrc [188416]

O44 - LFC:[MD5.471DE258E422A4070D059312C63ECF83] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrfin.lrc [176128]

O44 - LFC:[MD5.229FE9801E06748B442E8FEF2B3E8FE5] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrfra.lrc [184320]

O44 - LFC:[MD5.FFFCE9ACFBC9E44D1F8BF22195C41E12] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrheb.lrc [155648]

O44 - LFC:[MD5.7AF217A5A77B30722936B8519128EBBF] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrhun.lrc [180224]

O44 - LFC:[MD5.103916AC2DE96FE0911C29C90A6D1D26] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrita.lrc [188416]

O44 - LFC:[MD5.D50826B5AA9F894BCF70E43EC55CF306] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrjpn.lrc [131072]

O44 - LFC:[MD5.75D1F5B9601E1BC3F590D49F5B017B4B] - 2011-06-02 - 16:49:25 R--A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\System32\igfxrkor.lrc [126976]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

 

 

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" [Disabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (...) -- (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (...) -- (.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (...) -- (.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (...) -- (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (...) -- (.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (...) -- (.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys . (...) -- (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys . (...) -- (.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys . (...) -- (.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys . (...) -- (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys . (...) -- (.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys . (...) -- (.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys . (...) -- (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys . (...) -- (.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys . (...) -- (.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys . (...) -- (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys . (...) -- (.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys . (...) -- (.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys . (...) -- (.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)(.not file.)

 

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.3F6884EFF406238D39AAA892218F1DF7] - 2011-05-10 - 06:59:37 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]

O58 - SDL:[MD5.7F08D9C504B015D81A8ABD75C80028C5] - 2011-05-10 - 06:59:35 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]

O58 - SDL:[MD5.FF028BFF4FE4E5CE35C797FBF1B21609] - 2011-05-10 - 07:02:22 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]

O58 - SDL:[MD5.C2181EF6B54752273A0759A968C59279] - 2011-05-10 - 07:02:25 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616]

O58 - SDL:[MD5.AC48BDD4CD5D44AF33087C06D6E9511C] - 2011-05-10 - 06:59:56 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]

O58 - SDL:[MD5.B64134316FCD1F20E0F10EF3E65BD522] - 2011-05-10 - 07:03:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176]

O58 - SDL:[MD5.D6788E3211AFA9951ED7A4D617F68A4F] - 2011-05-10 - 07:03:44 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [307928]

O58 - SDL:[MD5.4D100C45517809439C7B6DD98997FA00] - 2011-05-10 - 07:02:37 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [49240]

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 2004-08-05 - 07:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 2004-08-05 - 07:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]

O58 - SDL:[MD5.48846B31BE5A4FA662CCFDE7A1BA86B9] - 2008-02-15 - 00:12:06 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [5854752]

O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 2011-05-29 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]

O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 2011-05-29 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [39984]

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 2004-08-05 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]

O58 - SDL:[MD5.C5BD32A70808DB0F8BC01CE80EEA2C3A] - 2006-12-26 - 07:31:06 R--A- . (.Windows ® Codename Longhorn DDK provider - Generic Port I/O.) -- C:\WINDOWS\system32\drivers\PortIo.sys [4864]

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 2004-08-05 - 07:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 2004-08-05 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 2004-08-05 - 07:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]

O58 - SDL:[MD5.89619EF503F949FAE09252A8B883EE11] - 2008-01-03 - 09:10:16 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [105856]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 2008-04-13 - 11:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.F420A4F17A0852E58627F18468C3FEC5] - 2008-03-24 - 22:32:12 ---A- . (.IDT, Inc. - NDRC.) -- C:\WINDOWS\system32\drivers\sthda.sys [1292888]

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 2004-08-05 - 07:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 2004-08-05 - 07:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 2004-08-05 - 07:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\AAVMKER4.sys - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(...) - LEGACY_AAVMKER4

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWMON2.sys - (.not file.) - aswMon2 (aswMon2) .(...) - LEGACY_ASWMON2

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSP.sys - (.not file.) - aswSP (aswSP) .(...) - LEGACY_ASWSP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI

O64 - Services: CurCS - 2011-05-10 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe - avast! Antivirus(avast! Antivirus) .(.AVAST Software - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS

O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP

O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - 2008-04-13 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - 2004-08-05 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - 2010-08-30 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD

O64 - Services: CurCS - 2003-04-21 - C:\WINDOWS\system32\LEXBCES.exe - LexBce Server(LexBceS) .(.Lexmark International, Inc. - LexBce Service.) - LEGACY_LEXBCES

O64 - Services: CurCS - 2011-05-01 - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service(maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP

O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS

O64 - Services: CurCS - 2008-03-24 - c:\program files\idt\ecsxpv_5902_012208\wdm\STacSV.exe - Audio Service(STacSV) .(.IDT, Inc. - STacSV Module.) - LEGACY_STACSV

O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - Bing

O69 - SBI: SearchScopes [HKCU] {2BEA8E9B-7B58-499A-AB41-C4B6871F2F2B} [DefaultScope] - (Google) - Google

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8370 - (14/06/2011)

Clés trouvées (Keys found) : 2

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

 

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkCrawler\Objects\WorkgroupCrawler] =>Keylogger.Agent

[HKLM\Software\Classes\CLSID\{72B3882F-453A-4633-AAC9-8C3DCED62AFF}] =>Keylogger.Agent

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 2011-05-10 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

SS - | Demand 2008-04-13 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SR - | Auto 2003-04-21 303104 | (LexBceS) . (.Lexmark International, Inc..) - C:\WINDOWS\system32\LEXBCES.exe

SS - | Demand 2011-05-01 311744 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe

SR - | Auto 2008-03-24 221239 | (STacSV) . (.IDT, Inc..) - c:\program files\idt\ecsxpv_5902_012208\wdm\STacSV.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Famille at 2011-06-15 06:07:08

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS

1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk1\DR1[0x89B9AAB8]

3 CLASSPNP[0xF7637FD7] -> nt!IofCallDriver[0x804E13B9] -> \Device\Ide\IdeDeviceP1T0L0-e[0x89B8EB00]

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

End of the scan (1126 lines in 00mn 32s)(0)
