besoin d aide bonjour mon ordi et tres long il rame trop merci

bonsoir

suis ce tutoriel et poste les rapports demandés

https://forum.pcastuces.com/aide_au_diagnostic_un_pc_infecte_pcastuces-f25s17490.htm

,

Applique ce qui vient;

0/ Malwarebytes

Installe Malwarebytes puis met là à jour, enfin fais un scan rapide. Tuto (merci nico_dodo)

1/ Erunt => Trés important

Suis le tuto de Philae (Merci philaé) Erunt

Tu fait simplement une sauvegarde du registre, nous sommes bien d'accord

2/ ZHPDiag de (Nicolas Coolman)

Ouvre ce lien et télécharge ZHPDiag :

http://telechargement.zebulon.fr/zhpdiag.html

• Enregistre le sur ton Bureau.

Zhpdiag et Zhpfix

Pour l'utiliser

Pour Xp : Double clique sur l'icône ZHPDiag
Pour Vista & 7: Clique droit sur l'icône ZHPDiag puis sélectionne 'Exécuter en tant qu'administrateur' : très important , et suis les instructions.

• Clique sur le et clique sur "Tous" sauf 01

• Clique sur la pour lancer l'analyse
  
  
• Laisse l'outil travailler, cela peut être assez long, tu peux même obtenir le message suivant, "Ne réponds plus", patiente, le temps de traitement peut être de 5 à 7 min ou plus,
• Pour moi cela dure => End of the scan (931 lines in 17mn 25s) donc c'est tout à fait normal.
  
  
  
• Ferme ZHPDiag en fin d'analyse.
  
  
• Pour transmettre le rapport clique sur ce lien :
• le rapport si situe normalement sur ton bureau => ZHPDiag.txt
  
  http://cjoint.com/
• Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag) ou (c:\programmes\Zhpdiag).
  
  Sélectionne le fichier ZHPDiag.txt, il doit y avoir la date du jour du lancement.
  
  Clique sur "Créer le lien".
  
  Un lien de cette forme :
  
  http://cjoint.com/?iErNEgHkid
  
  est ajouté dans la page.
• Copie ce lien dans ta réponse.
• Aide en Image (Merci à Fill)

• Malwarebytes
• Zhpdiag
• indique moi si tu as fais la sauvegarde avec Erunt

ca marche pas zhp j ai fais analyse mais j arrive pas a l envoyer sur le forum erreur tjr

coupe le en plusieurs morceaux ou poste le sur ci-joint

Accueil de Cjoint.com

impossible rien a faire bizarre erreur

pport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PMpport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 25/11/2010 18:06:02

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (24% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PM

A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.EA20D863A09D2C39A4E35D6D761236FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [25604904]

[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]

[MD5.A0287B1A5C8FDC87850D7A4A27E6AB5B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [974904]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]

[MD5.2DCC5C800F51D487178814CA9EADA181] - (.Microsoft Corporation - Bloc-notes.) -- C:\WINDOWS\system32\notepad.exe [70656]

[MD5.AC53E87A01F8BCB1DDBCA60A817D87B7] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [621056]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files\Yahoo!\Shared\npYState.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [User Data\Default] http://www.google.com

G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18968 (longhorn_ie8_gdr.100824-1830)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - e-Carte Bleue.) -- C:\WINDOWS\system32\BhoECart.dll

O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Microsoft Corporation - Windows Live Call Click-to-Call BHO.) -- C:\Program Files\Windows Live\Messenger\wlchtc.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC44

65B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline

O4 - HKLM\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [msn] . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe

O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (.not file.)

O4 - HKCU\..\Run: [PC SpeedScan Pro] . (.Ascentive LLC - Pas de description.) -- C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [msn] . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (.not file.)

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [PC SpeedScan Pro] . (.Ascentive LLC - Pas de description.) -- C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (.Pas de propriétaire.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Windows Install Clean Up.lnk . (.Pas de propriétaire.) -- C:\Documents and Settings\samira\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

et Explorer (O8)

O8 - Extra context menu item: Recherche sur eBay - (.not file.) - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE4DB54-B4C3-46CB-868A-22CE1FA4A748}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{CAE4DB54-B4C3-46CB-868A-22CE1FA4A748}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{CAE4DB54-B4C3-46CB-868A-22CE1FA4A748}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.

C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (gupdate1ca20209d514a24) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{501A6DDF-2FAE-4D13-837B-857AB538C9FC}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r102.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys

O41 - Driver: (SbFw) . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) - C:\Windows\System32\drivers\SbFw.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (wceusbsh) . (.Microsoft Corporation - Hôte série USB Windows CE.) - C:\Windows\System32\DRIVERS\wceusbsh.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: ATI Control Panel - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}

O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver

O42 - Logiciel: Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) - (.Adobe Systems, Inc.) [HKLM] -- {6846389C-BAC0-4374-808E-B120F86AF5D7}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 8.1.2 Security Update 1 (KB403742) - (.Pas de propriétaire.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}_Adobe Reader 8.1.2 - Français

O42 - Logiciel: Adobe Reader 9.1.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM] -- Akamai

O42 - Logiciel: AusLogics Registry Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {D627784F-B3EE-44E8-96B1-9509B991EA34}_is1

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Capturino V2 - (.Pas de propriétaire.) [HKCU] -- Capturino V2

O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.) [HKLM] -- EVEREST Home Edition_is1

O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HP Extended Capabilities 5.3 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Image Zone 5.3 - (.HP.) [HKLM] -- HP Photo & Imaging

O42 - Logiciel: HP Imaging Device Functions 5.3 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart 330,380,420,470,7800,8000,8200 Series - (.HP.) [HKLM] -- {33D6CC28-9F75-4d1b-A11D-98895B3A3729}

O42 - Logiciel: HP Software Update - (.Hewlett-Packard.) [HKLM] -- {15EE79F4-4ED1-4267-9B0F-351009325D7D}

O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Java(TM) 6 Update 12 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216012FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}

O42 - Logiciel: Kit de Connexion Alice ADSL - (.Pas de propriétaire.) [HKLM] -- {3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: MP3 Player Utilities 4.17 - (. .) [HKLM] -- {8B9852AF-B0B0-47B7-9BC5

5-89A95D77B6C9}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459) - (.Microsoft Corporation.) [HKLM] -- {97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) - (.Pas de propriétaire.) [HKLM] -- M928366

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wudf01005

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100

O42 - Logiciel: OpenOffice.org Installer 1.0 - (.Sun Microsystems.) [HKLM] -- {3A2AF807-9F9F-43C9-A24A-17B617238B74}

O42 - Logiciel: PC SpeedScan Pro - (.Ascentive.) [HKLM] -- {80F24F31-F641-4349-83F3-59E335976D16}

O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}

O42 - Logiciel: S4 League_EU - (.Pas de propriétaire.) [HKLM] -- {939AC279-B6BB-4ADE-BB77-3AB48563F6B4}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1

O42 - Logiciel: VGA USB Camera - (.Pas de propriétaire.) [HKLM] -- VGA USB Camera

O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC

O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52}

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service

O42 - Logiciel: e-Carte Bleue Caisse d'Epargne - (.Pas de propriétaire.) [HKLM] -- {18EF615A-5AAD-4944-B24E-6CD7863FC735}

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Ascentive]

[HKCU\Software\Aurigma]

HKCU\Software\AusLogics]

[HKCU\Software\Avance]

[HKCU\Software\Avira]

[HKCU\Software\Binary Noise]

[HKCU\Software\Burda]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Grisoft]

[HKCU\Software\HP]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Innovative Solutions]

[HKCU\Software\Intel]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\KasperskyLab]

[HKCU\Software\Lavalys]

[HKCU\Software\Lavasoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LogProductInv]

[HKCU\Software\Macromedia]

[HKCU\Software\Macrovision]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Netscape]

[HKCU\Software\ORL]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Skype]

[HKCU\Software\Sun Microsystems]

[HKCU\Software\SupportSoft]

[HKCU\Software\TAdvCheckList]

[HKCU\Software\Tiscali]

[HKCU\Software\TuneUp]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WholeSecurity]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eMule]

[HKCU\Software\ej-technologies]

[HKCU\Software\neowiz]

[HKCU\Software\symActivation]

[HKCU\Software\symSubscription]

[HKLM\Software\8322898]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Actions]

[HKLM\Software\Adobe]

[HKLM\Software\Alice ADSL]

[HKLM\Software\AppDataLow]

[HKLM\Software\Ascentive]

[HKLM\Software\AskBarDis]

[HKLM\Software\Auslogics]

[HKLM\Software\Avira]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\Eset]

[HKLM\Software\Gemplus]

[HKLM\Software\GlarySoft]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\Innovative Solutions]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\LEAD Technologies, Inc.]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

HKLM\Software\OmniVision]

[HKLM\Software\Policies]

[HKLM\Software\ProductM]

[HKLM\Software\Program Groups]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\STK018]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\Skype]

[HKLM\Software\Stardock]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SupportSoft]

[HKLM\Software\SymNRT]

[HKLM\Software\Symantec]

[HKLM\Software\TechCity]

[HKLM\Software\TrendMicro]

[HKLM\Software\Trymedia Systems]

[HKLM\Software\TuneUp]

[HKLM\Software\WIDCOMM_TEMP]

[HKLM\Software\WholeSecurity]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Yahoo]

[HKLM\Software\Zone Labs]

[HKLM\Software\ahead]

[HKLM\Software\e-Carte Bleue Caisse d'Epargne]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 29/03/2009 - 13:59:58 ----D- C:\Program Files\Adobe

O43 - CFD: 25/11/2010 - 10:33:52 ----D- C:\Program Files\alaplaya

O43 - CFD: 17/04/2010 - 19:48:04 ----D- C:\Program Files\Alice

O43 - CFD: 17/06/2009 - 14:13:44 ----D- C:\Program Files\Alwil Software

O43 - CFD: 31/08/2009 - 12:41:28 ----D- C:\Program Files\Ascentive

O43 - CFD: 24/06/2009 - 10:08:08 ----D- C:\Program Files\Auslogics

O43 - CFD: 08/06/2009 - 16:34:20 ----D- C:\Program Files\Avira

O43 - CFD: 24/11/2007 - 14:13:16 ----D- C:\Program Files\AvRack

O43 - CFD: 16/03/2009 - 18:03:40 ----D- C:\Program Files\Capturino V2

O43 - CFD: 22/03/2009 - 17:06:44 ----D- C:\Program Files\CCleaner

O43 - CFD: 24/11/2007 - 14:18:56 ----D- C:\Program Files\CONEXANT

O43 - CFD: 01/07/2009 - 10:54:28 ----D- C:\Program Files\eMule

O43 - CFD: 14/02/2009 - 19:49:30 ----D- C:\Program Files\FastStone Capture

O43 - CFD: 25/11/2010 - 10:16:50 ----D- C:\Program Files\Fichiers communs

O43 - CFD: 18/08/2009 - 17:32:56 ----D- C:\Program Files\Google

O43 - CFD: 16/12/2007 - 18:24:36 ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 16/12/2007 - 18:24:30 ----D- C:\Program Files\HP

O43 - CFD: 25/11/2010 - 11:01:48 --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 25/11/2010 - 11:13:48 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 23/06/2009 - 13:07:36 ----D- C:\Program Files\Java

O43 - CFD: 25/11/2010 - 17:34:30 ----D- C:\Program Files\Lavalys

O43 - CFD: 07/03/2009 - 18:39:38 ----D- C:\Program Files\Lavasoft

O43 - CFD: 25/11/2010 - 12:41:22 ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 13/10/2008 - 12:11:08 ----D- C:\Program Files\McDonaldsDragons

O43 - CFD: 04/03/2009 - 18:31:26 ----D- C:\Program Files\Messenger

O43 - CFD: 08/02/2009 - 17:55:24 ----D- C:\Program Files\Microsoft

O43 - CFD: 17/12/2007 - 11:13:38 ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 24/11/2007 - 13:31:00 ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 25/11/2010 - 12:41:22 ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 27/06/2009 - 12:55:26 ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 25/11/2010 - 10:29:28 ----D- C:\Program Files\Movie Maker

O43 - CFD: 25/11/2010 - 12:32:18 ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 29/03/2009 - 13:45:52 ----D- C:\Program Files\MSECACHE

O43 - CFD: 08/02/2009 - 21:02:22 ----D- C:\Program Files\MSN

O43 - CFD: 24/11/2007 - 13:27:12 ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 09/02/2009 - 17:06:44 ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 09/02/2009 - 17:56:12 ----D- C:\Program Files\MSXML 6.0

O43 - CFD: 24/11/2007 - 14:22:32 ----D- C:\Program Files\Nero

O43 - CFD: 04/03/2009 - 18:33:04 ----D- C:\Program Files\NetMeeting

O43 - CFD: 29/03/2009 - 14:06:02 ----D- C:\Program Files\NOS

O43 - CFD: 24/11/2007 - 13:27:20 ----D- C:\Program Files\Online Services

O43 - CFD: 25/11/2010 - 10:39:48 ----D- C:\Program Files\Outlook Express

O43 - CFD: 04/03/2009 - 18:40:48 ----D- C:\Program Files\Realtek AC97

O43 - CFD: 24/11/2007 - 14:13:16 ----D- C:\Program Files\Realtek Sound Manager

O43 - CFD: 18/08/2009 - 17:25:24 R---D- C:\Program Files\Skype

O43 - CFD: 25/11/2010 - 12:35:12 ----D- C:\Program Files\Telecom Italia France

O43 - CFD: 15/03/2009 - 16:51:58 ----D- C:\Program Files\Trend Micro

O43 - CFD: 23/06/2009 - 18:51:14 ----D- C:\Program Files\TuneUp Utilities 2009

O43 - CFD: 29/03/2009 - 14:07:00 ----D- C:\Program Files\Unlocker

O43 - CFD: 29/03/2009 - 14:08:16 ----D- C:\Program Files\VS Revo Group

O43 - CFD: 29/03/2009 - 13:46:20 ----D- C:\Program Files\Windows Installer Clean Up

O43 - CFD: 22/01/2010 - 10:25:10 ----D- C:\Program Files\Windows Live

O43 - CFD: 15/03/2009 - 19:01:36 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 08/02/2009 - 21:06:26 ----D- C:\Program Files\Windows NT

O43 - CFD: 05/11/2008 - 19:56:04 --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 24/11/2007 - 13:31:00 ----D- C:\Program Files\xerox

O43 - CFD: 25/11/2010 - 12:37:48 ----D- C:\Program Files\Yahoo!

O43 - CFD: 25/11/2010 - 18:06:18 ----D- C:\Program Files\ZHPDiag

O43 - CFD: 08/03/2009 - 19:55:30 ----D- C:\Program Files\Zone Labs

O43 - CFD: 29/03/2009 - 14:01:46 ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 24/11/2007 - 14:26:16 ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD: 25/11/2010 - 17:07:14 ----D- C:\Program Files\Fichiers Communs\Akamai

O43 - CFD: 16/12/2007 - 18:26:54 ----D- C:\Program Files\Fichiers Communs\HP

O43 - CFD: 25/11/2010 - 10:33:50 ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 03/03/2009 - 22:42:46 ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 24/11/2007 - 13:28:40 ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 24/11/2007 - 14:10:08 ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 24/11/2007 - 13:28:44 ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 18/08/2009 - 17:25:20 ----D- C:\Program Files\Fichiers Communs\Skype

O43 - CFD: 16/12/2007 - 18:27:24 ----D- C:\Program Files\Fichiers Communs\Sonic Shared

O43 - CFD: 24/11/2007 - 14:10:04 ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 25/11/2010 - 12:36:06 ----D- C:\Program Files\Fichiers Communs\Symantec Shared

O43 - CFD: 13/02/2009 - 11:58:14 ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 08/02/2009 - 17:24:04 ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 24/11/2007 - 16:49:38 -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.8CEE1200F915817C00DCFD7F60EF1200] - 25/11/2010 - 17:55:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32460]

O44 - LFC:[MD5.8CEE1200F915817C00DCFD7F60EF1200] - 25/11/2010 - 17:30:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1724698]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/11/2010 - 17:08:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.8CEE1200F915817C00DCFD7F60EF1200] - 25/11/2010 - 17:06:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.8CEE1200F915817C00DCFD7F60EF1200] - 25/11/2010 - 17:06:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.B41716E5D052D9D019E983DA13E8600E] - 25/11/2010 - 17:06:20 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.1EE222BBEE017035BEF20BCD87FF2B0A] - 25/11/2010 - 12:42:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\spupdsvc.log [1084]

O44 - LFC:[MD5.9BB813E9F1944872E8A840F334735BE3] - 25/11/2010 - 12:41:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [109400]

O44 - LFC:[MD5.9D7222AF71575EAB4E76B8D9CBED6890] - 25/11/2010 - 11:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\comsetup.log [108365]

O44 - LFC:[MD5.087FA7683B5BD7E8ABE86371F687761A] - 25/11/2010 - 11:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\iis6.log [51837]

O44 - LFC:[MD5.59B5A7C504F51C4681939EFA4232FED7] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2387149.log [111553]

O44 - LFC:[MD5.E0E98D287D56C6CE56AD588E050C4947] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.log [1393]

O44 - LFC:[MD5.4BA48A

BA48A8AB21E68CA9689EFA74F1C61F9] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\msgsocm.log [16068]

O44 - LFC:[MD5.DB05BB58FEA5AF96BAD31DB5483BF982] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ntdtcsetup.log [65535]

O44 - LFC:[MD5.B3BC005F0264528C350F978E8ED2CC26] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocgen.log [153712]

O44 - LFC:[MD5.3C59A14D70DDE0BBB0ABC1EE3A7F9AE7] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ocmsn.log [17784]

O44 - LFC:[MD5.282308829E221BC14E4B6D96F4046F4B] - 25/11/2010 - 11:40:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\tsoc.log [122669]

O44 - LFC:[MD5.8E7C981576C061CEC9CE65AE1AA31256] - 25/11/2010 - 11:40:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\FaxSetup.log [321506]

O44 - LFC:[MD5.7E25537DF8F039EDCAE70B0A644EC7DB] - 25/11/2010 - 11:40:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [127024]

O44 - LFC:[MD5.96BE975D789BBEB003AE761AD240C0B2] - 25/11/2010 - 11:40:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2279986.log [118570]

O44 - LFC:[MD5.96B2347AE8105285FDB44065ACD15EBD] - 25/11/2010 - 11:40:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\imsins.BAK [1393]

O44 - LFC:[MD5.C066C211B7B983C59A0DD82A84880738] - 25/11/2010 - 11:39:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982214.log [110910]

O44 - LFC:[MD5.E10D2F68E800A32B742F63FFE1127945] - 25/11/2010 - 11:39:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB976662-IE8.log [111723]

O44 - LFC:[MD5.7570461C2642B394C64A504BC5FC7A26] - 25/11/2010 - 11:39:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\updspapi.log [14865]

O44 - LFC:[MD5.13AEBE8BFC6E560530284B05C66EB656] - 25/11/2010 - 11:38:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2345886.log [119349]

O44 - LFC:[MD5.5A0E02DD9F496626930BA35959775004] - 25/11/2010 - 11:38:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2259922.log [110229]

O44 - LFC:[MD5.5D618F098452724C9D06C617E7ED8783] - 25/11/2010 - 11:37:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB980195.log [110048]

O44 - LFC:[MD5.47C75650767017F2AE6B61A8FCBA36E0] - 25/11/2010 - 11:37:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2296011.log [108116]

O44 - LFC:[MD5.54537D7C44864EBA34B1509FCFDAEBD2] - 25/11/2010 - 11:36:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB980232.log [110298]

O44 - LFC:[MD5.CD386C97F2F3A1715388B2926A8138D0] - 25/11/2010 - 11:36:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2115168.log [117238]

O44 - LFC:[MD5.A5EDB03EDD30C8B2F5E6FCCCB2DFEFFC] - 25/11/2010 - 11:36:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975558.log [108997]

O44 - LFC:[MD5.5DDD39DBBAD40150EA9BC11F7F56E806] - 25/11/2010 - 11:36:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2378111.log [109198]

O44 - LFC:[MD5.993B6169CCBDEA0BCE37B867AD2E9C8F] - 25/11/2010 - 11:36:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wmsetup.log [618]

O44 - LFC:[MD5.0E1DBEF1864259118FFCE6CCED46D2E5] - 25/11/2010 - 11:35:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2229593.log [110042]

O44 - LFC:[MD5.857C7BF1BFCE7B4D2F17ECD0B2879DD6] - 25/11/2010 - 11:34:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978037.log [117394]

O44 - LFC:[MD5.5253FB950A8F66212B456D0B99F6ED95] - 25/11/2010 - 11:34:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975713.log [117229]

O44 - LFC:[MD5.2F3B06659979B6CB6928C683B1C63FDB] - 25/11/2010 - 11:33:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982132.log [116386]

O44 - LFC:[MD5.8283021038E717CC2FD28FC26C5EC30F] - 25/11/2010 - 11:33:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978338.log [116914]

O44 - LFC:[MD5.E57AE84D97A39F900CB4326F5F928C37] - 25/11/2010 - 11:33:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2347290.log [116723]

O44 - LFC:[MD5.4FED5C10F3D6E77B390201672EB5E6C6] - 25/11/2010 - 11:32:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981852.log [111947]

O44 - LFC:[MD5.2A138A39D2FCE3D952DAC5382226A1EA] - 25/11/2010 - 11:31:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2079403.log [118052]

O44 - LFC:[MD5.7F62C97898301CE3439349AEECCB87D3] - 25/11/2010 - 11:16:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB979687.log [116006]

O44 - LFC:[MD5.A6F171D4D252625968A873680BB42D81] - 25/11/2010 - 11:16:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2121546.log [116070]

O44 - LFC:[MD5.0681AE0536F0DB76ADFAD2C487BE32B2] - 25/11/2010 - 11:14:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2360131-IE8.log [113864]

O44 - LFC:[MD5.99F070276CA61A7A2A8C5F907548AC1B] - 25/11/2010 - 11:10:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975560.log [112948]

O44 - LFC:[MD5.DF1C068E8C94A6DD7579C3766692C1EF] - 25/11/2010 - 11:03:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB977816.log [51691]

O44 - LFC:[MD5.8541CF7EF6CE24EE5A3487591C30E340] - 25/11/2010 - 11:02:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978601.log [51338]

O44 - LFC:[MD5.4ED6C51BC415A6553A7455CFB9A05344] - 25/11/2010 - 11:02:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB980436.log [52552]

O44 - LFC:[MD5.8D802444329DA078B4BA6DF483BE2063] - 25/11/2010 - 11:00:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981322.log [51673]

O44 - LFC:[MD5.4E5BF25882D1CD6418A7F75F776F304F] - 25/11/2010 - 10:56:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978695.log [42621]

O44 - LFC:[MD5.AB8E03EAEA17C262378372AE7549C683] - 25/11/2010 - 10:55:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB976002-v5.log [40098]

O44 - LFC:[MD5.CE13A16565C1EFA36A2058F48C277861] - 25/11/2010 - 10:53:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981332-IE8.log [45653]

O44 - LFC:[MD5.3BB019AC075A191260F60480B6826B1E] - 25/11/2010 - 10:49:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB977914.log [52359]

O44 - LFC:[MD5.86BB79D8FD5CA543B95E8DD41F44BE4D] - 25/11/2010 - 10:40:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB978542.log [21164]

O44 - LFC:[MD5.795565B7FC8A5FEA9F1BAAB14E9F3D56] - 25/11/2010 - 10:36:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2286198.log [21281]

O44 - LFC:[MD5.EC4308BA5272BCC4F8EF3F0D90DDE783] - 25/11/2010 - 10:34:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981957.log [21801]

O44 - LFC:[MD5.A54B40F0EF380C730B3B0D68ABD2F3C0] - 25/11/2010 - 10:33:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB979309.log [20044]

O44 - LFC:[MD5.C52FA638FADB87BC52BA1F8E11154B7C] - 25/11/2010 - 10:31:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB979482.log [21066]

O44 - LFC:[MD5.6B0E319F63A3746A9A601733652E31C4] - 25/11/2010 - 10:29:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB981997.log [15179]

O44 - LFC:[MD5.F90DD6E1DBEFD3C5B22DBCC986D1CAAC] - 25/11/2010 - 10:28:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB975562.log [21418]

O44 - LFC:[MD5.6D1D2864BFF969E276CB5E3D6ABEEA63] - 25/11/2010 - 10:24:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2141007.log [20325]

O44 - LFC:[MD5.6AC99B16A3A0F8F71FE738E48A2BA252] - 25/11/2010 - 10:23:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2158563.log [9945]

O44 - LFC:[MD5.6F84F1C3D72F8E03EB4875F5B811C0E9] - 25/11/2010 - 10:23:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [494050]

O44 - LFC:[MD5.6F3851DEAF8A72266D177F170EC5B794] - 25/11/2010 - 10:22:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB982665.log [19964]

O44 - LFC:[MD5.2D1C2E8F999BF39ADCCE90EA324982B4] - 25/11/2010 - 10:21:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\KB2360937.log [15730]

O44 - LFC:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2010 - 10:08:44 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgntflt.sys [56816]

O44 - LFC:[MD5.A7D5BA8EAD47A62AD33674F59FBA263C] - 25/11/2010 - 09:56:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ModemLog_PCI SoftV92 Data Fax Modem with SmartCP.txt [3896]

O44 - LFC:[MD5.ABDA9AD3F76C346F1190571AAE70ACE6] - 25/11/2010 - 09:56:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.TMP [3416]

O44 - LFC:[MD5.472DE68B398C83AF16A5543356D52ED8] - 25/11/2010 - 09:56:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [77816]

O44 - LFC:[MD5.8344F216B11BCD7A0ECA408724061C37] - 25/11/2010 - 09:56:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [474196]

O44 - LFC:[MD5.0D4DD965EBDE5A08C0FC265A3D6E9BB3] - 25/11/2010 - 09:49:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [13668]

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" [Disabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ftp.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French\setup.exe" [Disabled] .(.Kaspersky Lab - .) (.not file.) -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French\setup.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) (.not file.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l

3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\System32\LCODCCMP.DLL

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\System32\LCODCCMP.DLL

O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech(TM) Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \drivers.desc\"iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

O53 - SMSR:HKLM\...\startupreg\Clavier+ [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Clavier+\Clavier.exe

O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O53 - SMSR:HKLM\...\startupreg\RegistryDoktorFrNET [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Registry Doktor 4.1\RegistryDoktor.exe

O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Skype\Phone\Skype.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Accès MSN Internet.) -- C:\WINDOWS\system32\msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Accès MSN Internet.) -- C:\WINDOWS\system32\msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.F8A6018193BE629B8EA4C5D7B2452B70] - 16/09/2004 - 13:26:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\ADFUUD.SYS

O58 - SDL:[MD5.BA88534A3CEB6161E7432438B9EA4F54] - 24/02/2004 - 11:08:52 R--A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS

O58 - SDL:[MD5.647B8E33E1166829889502A3DF2A7BA8] - 28/04/2004 - 18:10:22 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS

O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 19:36:39 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys

O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 19/08/2004 - 23:53:38 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys

O58 - SDL:[MD5.49C75E63B8B23B0E534447BA25CE2E76] - 12/08/2004 - 22:14:46 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 04/08/2004 - 06:29:27 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys

O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 04/08/2004 - 06:29:28 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys

O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 04/08/2004 - 06:29:29 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys

O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 04/08/2004 - 06:29:29 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys

O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 04/08/2004 - 06:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys

O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 04/08/2004 - 06:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys

O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 04/08/2004 - 06:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys

O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 04/08/2004 - 06:29:31 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys

O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 04/08/2004 - 06:29:31 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys

O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 04/08/2004 - 06:29:31 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2009 - 11:17:49 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2010 - 10:08:44 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 24/04/2003 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 24/04/2003 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 29/09/2004 - 07:11:42 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys

O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 29/09/2004 - 07:11:46 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys

O58 - SDL:[MD5.ABCB05CCDBF03000354B9553820E39F8] - 21/10/2005 - 18:52:48 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys

O58 - SDL:[MD5.128EF741B2293C36810561092B566B1C] - 13/11/2003 - 19:19:48 R--A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys

O58 - SDL:[MD5.CE545A84BF3411E7516FA8DA51AD9D93] - 13/11/2003 - 19:18:36 R--A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys

O58 - SDL:[MD5.9A0D0C461EF2B3D80CB7875B4B995E47] - 13/11/2003 - 19:17:00 R--A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys

O58 - SDL:[MD5.698204D9C2832E53633E53A30A53FC3D] - 22/07/2005 - 11:02:12 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 15:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 15:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.5110EDD87E2508F02B922E83A2487DFC] - 16/01/2004 - 15:21:48 R--A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 24/04/2003 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 04/08/2004 - 06:29:54 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys

O58 - SDL:[MD5.578101D3A57F00B78D6E176C712F1713] - 24/09/2003 - 18:00:00 R--A- . (.OmniVision Technologies Inc. - Dual Mode USB Camera 519 Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\drivers\ov519cmd.sys

O58 - SDL:[MD5.4CDADEC3DC1300EE1D313EA5494E6472] - 24/09/2003 - 18:00:00 R--A- . (.OmniVision Technologies, Inc. - Dual Mode USB Camera 519 Stream Class Mini Driver.) -- C:\WINDOWS\system32\drivers\ov519vid.sys

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 24/04/2003 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.7C81AE3C9B82BA2DA437ED4D31BC56CF] - 26/01/2005 - 02:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 24/04/2003 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 24/04/2003 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.2377F31CBB8277807C3351302CF133E9] - 03/08/2004 - 14:21:16 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys

O58 - SDL:[MD5.419883201CA9AD697CCFB8FC46DD6F78] - 31/10/2008 - 07:09:06 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) -- C:\WINDOWS\system32\drivers\SbFw.sys

O58 - SDL:[MD5.F01B8409A11C319E3C5B9DD418676D2C] - 21/06/2008 - 04:54:54 ---A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall NDIS Intermediate driver.) -- C:\WINDOWS\system32\drivers\SbFwIm.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 09:47:45 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/08/2009 - 16:35:42 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.4D9BA04CD1AD49175ABAC61899C78CCF] - 20/06/2005 - 13:08:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\STK018W1.sys

O58 - SDL:[MD5.316F78801E4989B7A2B996C93AAF561F] - 20/06/2005 - 13:08:18 ---A- . (.Syntek Ltd. - Pas de description.) -- C:\WINDOWS\system32\drivers\STK018W2.sys

O58 - SDL:[MD5.B226F8A4D780ACDF76145B58BB791D5B] - 19/03/2008 - 14:27:37 ---A- . (.Symantec Corporation - Symantec Core Component.) -- C:\WINDOWS\system32\drivers\symlcbrd.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 24/04/2003 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 24/04/2003 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 24/04/2003 - 13:

:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 04/08/2004 - 06:45:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 04/08/2004 - 06:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 04/08/2004 - 06:45:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 04/08/2004 - 06:45:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 04/08/2004 - 06:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(.Pas de propriétaire - Pas de description.) - LEGACY_AAVMKER4

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Akamai NetSession Interface (Akamai) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AKAMAI

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Avertissement (Alerter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ALERTER

O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG

O64 - Services: CurCS - "C:\Program Files\Avira\AntiVir Desktop\sched.exe (.not file.) - Avira AntiVir Planificateur (AntiVirSchedulerService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - "C:\Program Files\Avira\AntiVir Desktop\avguard.exe (.not file.) - Avira AntiVir Guard (AntiVirService) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394

O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe - ASP.NET State Service (aspnet_state) .(.Microsoft Corporation - Microsoft ASP.NET State Server.) - LEGACY_ASPNET_STATE

O64 - Services: CurCS - (.not file.) - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - (.not file.) - avast! Standard Shield Support (aswMon2) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMON2

O64 - Services: CurCS - (.not file.) - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR

O64 - Services: CurCS - (.not file.) - avast! Self Protection (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP

O64 - Services: CurCS - (.not file.) - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV

O64 - Services: CurCS - (.not file.) - avast! Antivirus (avast! Antivirus) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVAST!_ANTIVIRUS

O64 - Services: CurCS - (.not file.) - AVG7 Wrap Driver (Avg7RsW) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVG7RSW

O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB

O64 - Services: CurCS - (.not file.) - bdfsfltr (bdfsfltr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFSFLTR

O64 - Services: CurCS - (.not file.) - bdftdif (bdftdif) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFTDIF

O64 - Services: CurCS - (.not file.) - BDSelfPr (BDSelfPr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDSELFPR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vidstub.sys (.not file.) - BootScreen (BootScreen) .(.Pas de propriétaire - Pas de description.) - LEGACY_BOOTSCREEN

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Bluetooth Support Service (BthServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BTHSERV

O64 - Services: CurCS - C:\DOCUME~1\samira\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(.Pas de propriétaire - Pas de description.) - LEGACY_CATCHME

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS

O64 - Services: CurCS - C:\WINDOWS\system32\cisvc.exe - Service d'indexation (CiSvc) .(.Microsoft Corporation - Content Index service.) - LEGACY_CISVC

O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V2.0.50727_32

O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(.Pas de propriétaire - Pas de description.) - LEGACY_COMSYSAPP

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC

O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP

O64 - Services: CurCS - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\DMLOAD.sys - dmload (dmload) .(.Pas de propriétaire - Pas de description.) - LEGACY_DMLOAD

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE

O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10741 (EraserUtilDrv10741) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10741

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10821 (EraserUtilDrv10821) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10821

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10822 (EraserUtilDrv10822) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10822

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10910 (EraserUtilDrv10910) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10910

O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRVI7

O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(.Pas de propriétaire - Pas de description.) - LEGACY_FIPS

O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\fssfltr_tdi.sys - FssFltr (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC

O64 - Services: CurCS - "C:\Program Files\Google\Update\GoogleUpdate.exe (.not file.) - Service Google Update (gupdate1ca20209d514a24) (gupdate1ca20209d514a24) .(.Pas de propriétaire - Pas de description.) - LEGACY_GUPDATE1CA20209D514A24

O64 - Services: CurCS - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (.not file.) - Google Software Updater (gusvc) .(.Pas de propriétaire - Pas de description.) - LEGACY_GUSVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HID Input Service (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV

O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER

O64 - Services: CurCS - (.not file.) - File Security Driver (IKFileSec) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKFILESEC

O64 - Services: CurCS - (.not file.) - System Filter Driver (IKSysFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKSYSFLT

O64 - Services: CurCS - (.not file.) - System Security Driver (IKSysSec) .(.Pas de propriétaire - Pas de description.) - LEGACY_IKSYSSEC

O64 - Services: CurCS - C:\WINDOWS\System32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\intelide.sys - IntelIde (IntelIde) .(.Microsoft Corporation - Pilote IDE Intel PCI.) - LEGACY_INTELIDE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC

O64 - Services: CurCS - (.not file.) - Kl1 (kl1) .(.Pas de propriétaire - Pas de description.) - LEGACY_KL1

O64 - Services: CurCS - (.not file.) - Klif (klif) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLIF

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION

O64 - Services: CurCS - (.not file.) - BitDefender Desktop Update Service (LIVESRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_LIVESRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS

O64 - Services: CurCS - C:\DOCUME~1\samira\LOCALS~1\Temp\mbr.sys (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - (.not file.) - mchInjDrv (mchInjDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MCHINJDRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mdmxsdk.sys - mdmxsdk (mdmxsdk) .(.Conexant - Diagnostic Interface DRIVER.) - LEGACY_MDMXSDK

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Affichage des messages (Messenger) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_MESSENGER

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(.Pas de propriétaire - Pas de description.) - LEGACY_MNMDD

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\WINDOWS\System32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - NAVENG (NAVENG) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAVENG

O64 - Services: CurCS - (.not file.) - NAVEX15 (NAVEX15) .(.Pas de propriétaire - Pas de description.) - LEGACY_NAVEX15

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\WINDOWS\System32\lsass.exe - Ouverture de session réseau (Netlogon) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NETLOGON

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\WINDOWS\System32\lsass.exe - Fournisseur de la prise en charge de sécurité LM NT (NtLmSsp) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NTLMSSP

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Stockage amovible (NtmsSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NTMSSVC

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARVDM

O64 - Services: CurCS - (.not file.) - PCTools KDS (PCTCore) .(.Pas de propriétaire - Pas de description.) - LEGACY_PCTCORE

O64 - Services: CurCS - C:\WINDOWS\system32\HPZipm12.exe - Pml Driver HPZ12 (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12

O64 - Services: CurCS - C:\WINDOWS\System32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT

O64 - Services: CurCS - (.not file.) - Profos (Profos) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROFOS

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de connexion automatique d'accès distant (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - C:\WINDOWS\System32\rsvp.exe - QoS RSVP (RSVP) .(.Microsoft Corporation - Microsoft RSVP.) - LEGACY_RSVP

O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS

O64 - Services: CurCS - C:\Windows\System32\drivers\SbFw.sys - SbFw (SbFw) .(.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) - LEGACY_SBFW

O64 - Services: CurCS - (.not file.) - BitDefender Threat Scanner (scan) .(.Pas de propriétaire - Pas de description.) - LEGACY_SCAN

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE

O64 - Services: CurCS - "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (.not file.) - SeaPort (SeaPort) .(.Pas de propriétaire - Pas de description.) - LEGACY_SEAPORT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION

O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV

O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC

O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS

O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMEVENT

O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMFW

O64 - Services: CurCS - (.not file.) - SYMIDS (SYMIDS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDS

O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDSCO

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\symlcbrd.sys - symlcbrd (symlcbrd) .(.Symantec Corporation - Symantec Core Component.) - LEGACY_SYMLCBRD

O64 - Services: CurCS - (.not file.) - SYMNDIS (SYMNDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMNDIS

O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\WINDOWS\system32\smlogsvc.exe - Journaux et alertes de performance (SysmonLog) .(.Microsoft Corporation - Service des alertes et des journaux de perf.) - LEGACY_SYSMONLOG

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP

O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS

O64 - Services: CurCS - (.not file.) - Trufos (Trufos) .(.Pas de propriétaire - Pas de description.) - LEGACY_TRUFOS

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_UDFS

O64 - Services: CurCS - (.not file.) - UnlockerDriver5 (UnlockerDriver5) .(.Pas de propriétaire - Pas de description.) - LEGACY_UNLOCKERDRIVER5

O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGA

O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de numéro de série du lecteur multimédia portable (WmdmPmSN) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WMDMPMSN

O64 - Services: CurCS - C:\WINDOWS\System32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC

O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV

O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC

O64 - Services: CurCS - (.not file.) - BitDefender Communicator (XCOMM) .(.Pas de propriétaire - Pas de description.) - LEGACY_XCOMM

O64 - Services: CurCS - C:\WINDOWS\system32\XDva370.sys (.not file.) - XDva370 (XDva370) .(.Pas de propriétaire - Pas de description.) - LEGACY_XDVA370

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\MSN\MSNCoreFiles\MSN6.exe (.not file.)

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {04DAA246-7269-4548-A89B-49D8693CAEF5} - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {32F3A2D5-5B50-473D-88E2-BC95B6F829EF} - (Le Monde) - http://www.lemonde.fr

O69 - SBI: SearchScopes [HKCU] {4D2081F1-8FEC-45FE-A949-BB0BB5CBC6CF} - (Yahoo! Search) - http://search.yahoo.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - http://search.live.com

O69 - SBI: SearchScopes [HKCU] {AB58DEB1-0AB0-41B7-B7DE-7F78E342EBA8} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://dl.ask.com

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\appmgmts.dll [0]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]

O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [77824]

O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464]

O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]

O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488]

O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040]

O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\System32\es.dll [253952]

O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\System32\hidserv.dll [21504]

O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [99840]

O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\System32\wkssvc.dll [132096]

O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\System32\msgsvc.dll [33792]

O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]

O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]

O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248]

O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]

O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]

O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\System32\srsvc.dll [171520]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [249856]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]

O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\System32\w32time.dll [178176]

O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [297984]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]

O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024]

O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]

O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440]

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 11/08/2009 108289 | "C:\Program Files\Avira\AntiVir Desktop\sched.exe (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 18/08/2009 185089 | "C:\Program Files\Avira\AntiVir Desktop\avguard.exe (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SS - | Demand 14/04/2008 225280 | C:\WINDOWS\System32\dmadmin.exe (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SS - | Auto 18/08/2009 133104 | "C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate1ca20209d514a24) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 30/05/2009 182768 | "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 09/08/2007 73728 | C:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe

SR - | Auto 19/05/2009 240512 | "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net

Run by samira at 25/11/2010 18:06:29

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x82F25AB8]

3 CLASSPNP[0xF87D5FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\0000005e[0x82F1FF18]

5 ACPI[0xF872B620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-3[0x82F1E940]

kernel: MBR read successfully

user & kernel MBR OK

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog

Run by samira at 25/11/2010 18:06:46

149 GB \\.\PhysicalDrive0 Windows XP MBR code detected

SHA1: 8637A6CD1F8DC55758E12C0B860CDE1133CA5719

Dump file Name : C:\Program Files\ZHPDiag\MBRDump_11-25-10_18-06-46_PhysicalDrive0.bin

---\\ Infection Rogue/FakeAlert (Possible)

O53 - SMSR:HKLM\...\startupreg\RegistryDoktorFrNET [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Registry Doktor 4.1\RegistryDoktor.exe

---\\ Infection BT - BHO/Toolbar (Possible)

[HKLM\Software\AskBarDis]

O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://dl.ask.com

End of the scan (1081 lines in 00mn 44s)(0)

1/

► Désactiver ton antivirus.

Télécharge Ad-remover :

http://www.teamxscript.org/adremoverTelechargement.html

VISTA : installation et lancement par Clic droit et "Exécuter en tant qu'administrateur"

• Installe Ad-remover ,
• Lance Ad-remover à partir de l’icône sur le bureau,
• Au menu principal choisis l'option "A" pour un Scan,
poste le rapport obtenu ( C:\Ad-report.log ).


AD-REMOVER : Étape 2
• Relancez "Ad-remover",
• Choisissez l'option "B" .
• Sélectionnez >> Suppression [ ]
• Entrez "S" (Supprimer les éléments cochés)
► Affichez le rapport généré (C:\Ad-report-date.log )

/!\ Si le Bureau ne réapparait pas pressez <Ctrl> <Alt> <Suppr>,
/!\ Onglet "Fichier" --> "Nouvelle tâche" ,
/!\ Entrez explorer.exe et validez

► Réactiver votre antivirus.

2/

recherche et supprime si encore présents ces fichiers/dossiers en gras

c:\program files\ascentive\performance center\apcmain.exe
c:\program files\registry doktor 4.1

3/

suis ce tutoriel pour appliquer le correctif suivant

https://forum.pcastuces.com/zhpdiag___zhpfix-f31s55.htm?page=1&#3706094

O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (.not file.) (PerformanceCenter.Rog)
O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (.not file.)
[HKLM\Software\AskBarDis]
[HKLM\Software\Trymedia Systems]
O53 - SMSR:HKLM\...\startupreg\RegistryDoktorFrNET [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Registry Doktor 4.1\RegistryDoktor.exe

4/

suis ce tutoriel et poste son rapport

ESET Online Scanner / nouvelle version - Tutoriel

-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 11/11/10 à 11:40

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 09:31:52 le 26/11/2010, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)

samira@PC-C894AF37EEF2 ( )

============== RECHERCHE ==============

Fichier trouvé: C:\WINDOWS\Downloaded Program Files\Popcaploader.inf

Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js

Dossier trouvé: C:\Documents and Settings\samira\Application Data\DesktopIcon

Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Trymedia

Clé trouvée: HKLM\Software\AskBarDis

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKLM\Software\Trymedia Systems

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc

============== SCAN ADDITIONNEL ==============

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://www.google.com/ie

Search Page: hxxp://www.google.com

Show_ToolBar: yes

Start Page: hxxp://www.aliceadsl.fr

Use Custom Search URL: 1

Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 26/11/2010 (1531 Octet(s))

Fin à: 09:33:11, 26/11/2010

============== E.O.F ==============

=== RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 11/11/10 à 11:40

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 09:31:52 le 26/11/2010, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)

samira@PC-C894AF37EEF2 ( )

============== RECHERCHE ==============

Fichier trouvé: C:\WINDOWS\Downloaded Program Files\Popcaploader.inf

Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js

Dossier trouvé: C:\Documents and Settings\samira\Application Data\DesktopIcon

Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Trymedia

Clé trouvée: HKLM\Software\AskBarDis

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKLM\Software\Trymedia Systems

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc

SCAN ADDITIONNEL ==============

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://www.google.com/ie

Search Page: hxxp://www.google.com

Show_ToolBar: yes

Start Page: hxxp://www.aliceadsl.fr

Use Custom Search URL: 1

ichier trouvé: C:\WINDOWS\Downloaded Program Files\Popcaploader.inf

Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js

Dossier trouvé: C:\Documents and Settings\samira\Application Data\DesktopIcon

Dossier trouvé: C:\Documents and Settings\All Users\Application Data\Trymedia

Clé trouvée: HKLM\Software\AskBarDis

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKLM\Software\Trymedia Systems

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo jimddp

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp

Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc

art Page: hxxp://www.aliceadsl.fr

Use Custom Search URL: 1

Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 26/11/2010 (1531 Octet(s))

Fin à: 09:33:11, 26/11/2010

============== E.O.F ==============

bjr je voie pas les option a ou b quand je scan merci

re j ai scan et voila le raport

regarde ici comment faire pour supprimer les infections trouvées

http://www.teamxscript.org/adremoverNettoyage.html

as tu fait la suite avec ZHPfix?

j ai fais mes ya outil blag ya quatre chose j ai rien compris desoler pardon bonjour

alwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

25/11/2010 13:34:00

mbam-log-2010-11-25 (13-34-00).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 161172

Temps écoulé: 36 minute(s), 56 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Rapport de ZHPDiag v1.27.135 par Nicolas Coolman, Update du 22/11/2010

Run by samira at 28/11/2010 13:07:27

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Contact : nicolascoolman@yahoo.fr

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

GCIE: Google Chrome v7.0.517.44 (Defaut)

---\\ System Information

Windows XP Home Edition Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (30% free)

System drive C: has 128 GB (85%) free of 149 GB

---\\ Logged in mode

Computer Name: PC-C894AF37EEF2

User Name: samira

All Users Names: Utilisateur, SUPPORT_388945a0, samira, HelpAssistant, Administrateur,

Unselected Option: O1

Logged in as Administrator

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 128 Go of 149 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]

---\\ Processus lancés

[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289]

[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\System32\dllhost.exe [5120]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.2B1FCD34CA8CCA216A448B93CA5C758D] - (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE [90112]

[MD5.EA20D863A09D2C39A4E35D6D761236FE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [25604904]

[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]

[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728]

[MD5.A0287B1A5C8FDC87850D7A4A27E6AB5B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [974904]

[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]

[MD5.D594EA4AC1C0E4675EF2F0063950ABEF] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1090952]

[MD5.AC53E87A01F8BCB1DDBCA60A817D87B7] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [621056]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,

\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)

P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files\Yahoo!\Shared\npYState.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [User Data\Default] http://www.google.com

G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18968 (longhorn_ie8_gdr.100824-1830)) -- C:\WINDOWS\system32\ieframe.dll

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - e-Carte Bleue.) -- C:\WINDOWS\system32\BhoECart.dll

O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Microsoft Corporation - Windows Live Call Click-to-Call BHO.) -- C:\Program Files\Windows Live\Messenger\wlchtc.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [msn] . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe

O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (.not file.)

O4 - HKCU\..\Run: [PC SpeedScan Pro] C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe (.not file.)

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [msn] . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (.not file.)

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [PC SpeedScan Pro] C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe (.not file.)

O4 - HKUS\S-1-5-21-1547161642-1364589140-839522115-1005\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk . (.Pas de propriétaire.) -- C:\Program Files\ERUNT\AUTOBACK.EXE

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (.Pas de propriétaire.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Windows Install Clean Up.lnk . (.Pas de propriétaire.) -- C:\Documents and Settings\samira\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

O4 - Global Startup: C:\Documents And Settings\samira\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Recherche sur eBay - (.not file.) - C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} () - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE4DB54-B4C3-46CB-868A-22CE1FA4A748}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{CAE4DB54-B4C3-46CB-868A-22CE1FA4A748}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{CAE4DB54-B4C3-46CB-868A-22CE1FA4A748}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

--\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (gupdate1ca20209d514a24) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{501A6DDF-2FAE-4D13-837B-857AB538C9FC}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r102.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10l.ocx

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys

O41 - Driver: (SbFw) . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) - C:\Windows\System32\drivers\SbFw.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (wceusbsh) . (.Microsoft Corporation - Hôte série USB Windows CE.) - C:\Windows\System32\DRIVERS\wceusbsh.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM] -- Akamai

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner

42 - Logiciel: Capturino V2 - (.Pas de propriétaire.) [HKCU] -- Capturino V2

O42 - Logiciel: ERUNT 1.1j - (.Lars Hederer.) [HKLM] -- ERUNT_is1

O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner

O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.) [HKLM] -- EVEREST Home Edition_is1

O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HP Extended Capabilities 5.3 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Image Zone 5.3 - (.HP.) [HKLM] -- HP Photo & Imaging

O42 - Logiciel: HP Imaging Device Functions 5.3 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart 330,380,420,470,7800,8000,8200 Series - (.HP.) [HKLM] -- {33D6CC28-9F75-4d1b-A11D-98895B3A3729}

O42 - Logiciel: HP Software Update - (.Hewlett-Packard.) [HKLM] -- {15EE79F4-4ED1-4267-9B0F-351009325D7D}

O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Java(TM) 6 Update 12 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216012FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}

O42 - Logiciel: Kit de Connexion Alice ADSL - (.Pas de propriétaire.) [HKLM] -- {3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: MP3 Player Utilities 4.17 - (. .) [HKLM] -- {8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459) - (.Microsoft Corporation.) [HKLM] -- {97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) - (.Pas de propriétaire.) [HKLM] -- M928366

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wudf01005

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100

O42 - Logiciel: OpenOffice.org Installer 1.0 - (.Sun Microsystems.) [HKLM] -- {3A2AF807-9F9F-43C9-A24A-17B617238B74}

O42 - Logiciel: PC SpeedScan Pro - (.Ascentive.) [HKLM] -- {80F24F31-F641-4349-83F3-59E335976D16}

O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}

O42 - Logiciel: S4 League_EU - (.Pas de propriétaire.) [HKLM] -- {939AC279-B6BB-4ADE-BB77-3AB48563F6B4}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: SoftV92 Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1

O42 - Logiciel: VGA USB Camera - (.Pas de propriétaire.) [HKLM] -- VGA USB Camera

O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC

O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52}

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D5D81435-B8DE-4CAF-867F-7998F2B92CFC}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service

O42 - Logiciel: e-Carte Bleue Caisse d'Epargne - (.Pas de propriétaire.) [HKLM] -- {18EF615A-5AAD-4944-B24E-6CD7863FC735}

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Ascentive]

[HKCU\Software\Aurigma]

[HKCU\Software\AusLogics]

[HKCU\Software\Avance]

[HKCU\Software\Avira]

[HKCU\Software\Binary Noise]

[HKCU\Software\Burda]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\ESET]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Grisoft]

[HKCU\Software\HP]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Innovative Solutions]

[HKCU\Software\Intel]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\KasperskyLab]

[HKCU\Software\Lavalys]

[HKCU\Software\Lavasoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LogProductInv]

[HKCU\Software\Macromedia]

[HKCU\Software\Macrovision]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Netscape]

[HKCU\Software\ORL]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Skype]

[HKCU\Software\Sun Microsystems]

[HKCU\Software\SupportSoft]

HKCU\Software\MozillaPlugins]

[HKCU\Software\Netscape]

[HKCU\Software\ORL]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Skype]

[HKCU\Software\Sun Microsystems]

[HKCU\Software\SupportSoft]

[HKCU\Software\TAdvCheckList]

[HKCU\Software\Tiscali]

[HKCU\Software\TuneUp]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WholeSecurity]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eMule]

[HKCU\Software\ej-technologies]

[HKCU\Software\neowiz]

[HKCU\Software\symActivation]

[HKCU\Software\symSubscription]

[HKLM\Software\8322898]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Actions]

[HKLM\Software\Adobe]

[HKLM\Software\Alice ADSL]

[HKLM\Software\AppDataLow]

[HKLM\Software\Ascentive]

[HKLM\Software\Auslogics]

[HKLM\Software\Avira]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Eset]

[HKLM\Software\Gemplus]

[HKLM\Software\GlarySoft]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\Innovative Solutions]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\LEAD Technologies, Inc.]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NOS]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\OmniVision]

[HKLM\Software\Policies]

[HKLM\Software\ProductM]

[HKLM\Software\Program Groups]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\STK018]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\Skype]

[HKLM\Software\Stardock]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SupportSoft]

[HKLM\Software\SymNRT]

[HKLM\Software\Symantec]

[HKLM\Software\TechCity]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\WIDCOMM_TEMP]

[HKLM\Software\WholeSecurity]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Yahoo]

[HKLM\Software\Zone Labs]

[HKLM\Software\ahead]

[HKLM\Software\e-Carte Bleue Caisse d'Epargne]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 26/11/2010 - 09:31:54 ----D- C:\Program Files\Ad-Remover

O43 - CFD: 29/03/2009 - 13:59:58 ----D- C:\Program Files\Adobe

O43 - CFD: 25/11/2010 - 10:33:52 ----D- C:\Program Files\alaplaya

O43 - CFD: 17/04/2010 - 19:48:04 ----D- C:\Program Files\Alice

O43 - CFD: 17/06/2009 - 14:13:44 ----D- C:\Program Files\Alwil Software

O43 - CFD: 08/06/2009 - 16:34:20 ----D- C:\Program Files\Avira

O43 - CFD: 24/11/2007 - 14:13:16 ----D- C:\Program Files\AvRack

O43 - CFD: 16/03/2009 - 18:03:40 ----D- C:\Program Files\Capturino V2

O43 - CFD: 22/03/2009 - 17:06:44 ----D- C:\Program Files\CCleaner

O43 - CFD: 24/11/2007 - 14:18:56 ----D- C:\Program Files\CONEXANT

O43 - CFD: 01/07/2009 - 10:54:28 ----D- C:\Program Files\eMule

O43 - CFD: 28/11/2010 - 12:45:48 ----D- C:\Program Files\ERUNT

O43 - CFD: 26/11/2010 - 10:12:58 ----D- C:\Program Files\ESET

O43 - CFD: 14/02/2009 - 19:49:30 ----D- C:\Program Files\FastStone Capture

O43 - CFD: 26/11/2010 - 09:55:16 ----D- C:\Program Files\Fichiers communs

O43 - CFD: 18/08/2009 - 17:32:56 ----D- C:\Program Files\Google

O43 - CFD: 16/12/2007

18:24:36 ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 16/12/2007 - 18:24:30 ----D- C:\Program Files\HP

O43 - CFD: 25/11/2010 - 11:01:48 --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 25/11/2010 - 11:13:48 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 23/06/2009 - 13:07:36 ----D- C:\Program Files\Java

O43 - CFD: 25/11/2010 - 17:34:30 ----D- C:\Program Files\Lavalys

O43 - CFD: 07/03/2009 - 18:39:38 ----D- C:\Program Files\Lavasoft

O43 - CFD: 25/11/2010 - 12:41:22 ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 13/10/2008 - 12:11:08 ----D- C:\Program Files\McDonaldsDragons

O43 - CFD: 04/03/2009 - 18:31:26 ----D- C:\Program Files\Messenger

O43 - CFD: 08/02/2009 - 17:55:24 ----D- C:\Program Files\Microsoft

O43 - CFD: 17/12/2007 - 11:13:38 ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 24/11/2007 - 13:31:00 ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 25/11/2010 - 12:41:22 ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 27/06/2009 - 12:55:26 ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 25/11/2010 - 10:29:28 ----D- C:\Program Files\Movie Maker

O43 - CFD: 25/11/2010 - 12:32:18 ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 29/03/2009 - 13:45:52 ----D- C:\Program Files\MSECACHE

O43 - CFD: 08/02/2009 - 21:02:22 ----D- C:\Program Files\MSN

O43 - CFD: 24/11/2007 - 13:27:12 ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 09/02/2009 - 17:06:44 ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 09/02/2009 - 17:56:12 ----D- C:\Program Files\MSXML 6.0

O43 - CFD: 24/11/2007 - 14:22:32 ----D- C:\Program Files\Nero

O43 - CFD: 04/03/2009 - 18:33:04 ----D- C:\Program Files\NetMeeting

O43 - CFD: 29/03/2009 - 14:06:02 ----D- C:\Program Files\NOS

O43 - CFD: 24/11/2007 - 13:27:20 ----D- C:\Program Files\Online Services

O43 - CFD: 25/11/2010 - 10:39:48 ----D- C:\Program Files\Outlook Express

O43 - CFD: 04/03/2009 - 18:40:48 ----D- C:\Program Files\Realtek AC97

O43 - CFD: 24/11/2007 - 14:13:16 ----D- C:\Program Files\Realtek Sound Manager

O43 - CFD: 18/08/2009 - 17:25:24 R---D- C:\Program Files\Skype

O43 - CFD: 25/11/2010 - 12:35:12 ----D- C:\Program Files\Telecom Italia France

O43 - CFD: 23/06/2009 - 18:51:14 ----D- C:\Program Files\TuneUp Utilities 2009

O43 - CFD: 29/03/2009 - 14:07:00 ----D- C:\Program Files\Unlocker

O43 - CFD: 29/03/2009 - 14:08:16 ----D- C:\Program Files\VS Revo Group

O43 - CFD: 29/03/2009 - 13:46:20 ----D- C:\Program Files\Windows Installer Clean Up

O43 - CFD: 22/01/2010 - 10:25:10 ----D- C:\Program Files\Windows Live

O43 - CFD: 15/03/2009 - 19:01:36 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 08/02/2009 - 21:06:26 ----D- C:\Program Files\Windows NT

O43 - CFD: 05/11/2008 - 19:56:04 --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 24/11/2007 - 13:31:00 ----D- C:\Program Files\xerox

O43 - CFD: 25/11/2010 - 12:37:48 ----D- C:\Program Files\Yahoo!

O43 - CFD: 28/11/2010 - 13:08:24 ----D- C:\Program Files\ZHPDiag

O43 - CFD: 29/03/2009 - 14:01:46 ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 24/11/2007 - 14:26:16 ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD: 28/11/2010 - 12:55:34 ----D- C:\Program Files\Fichiers Communs\Akamai

O43 - CFD: 16/12/2007 - 18:26:54 ----D- C:\Program Files\Fichiers Communs\HP

O43 - CFD: 03/03/2009 - 22:42:46 ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 24/11/2007 - 13:28:40 ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 24/11/2007 - 14:10:08 ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 18/08/2009 - 17:25:20 ----D- C:\Program Files\Fichiers Communs\Skype

O43 - CFD: 24/11/2007 - 14:10:04 ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 26/11/2010 - 09:55:58 ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 08/02/2009 - 17:24:04 ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 24/11/2007 - 16:49:38 -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 12:56:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1813756]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/11/2010 - 12:55:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 12:55:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 12:54:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.B41716E5D052D9D019E983DA13E8600E] - 28/11/2010 - 12:54:07 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 12:53:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32460]

O44 - LFC:[MD5.3A7E3BBB80A9AF8EBAE032E069011794] - 28/11/2010 - 12:32:05 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [3146]

O44 - LFC:[MD5.E604B8C5E21CD08E48F13B0158297172] - 28/11/2010 - 12:17:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [13668]

O44 - LFC:[MD5.A2026D415D281091FFE21CE45E740A57] - 26/11/2010 - 09:59:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY5.zhp [1380]

O44 - LFC:[MD5.13CB5FBB84F8A10D76E30327B75EA587] - 26/11/2010 - 09:59:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY4.zhp [4092]

O44 - LFC:[MD5.D25F27F08627D1D66D86E8356852AAFB] - 26/11/2010 - 09:59:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY3.zhp [1070]

O44 - LFC:[MD5.83B9B1CAE5799C7123FF33E7A3EB289D] - 26/11/2010 - 09:59:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY2.zhp [3732]

O44 - LFC:[MD5.DB0BA0D071CE8A446C0B43591C2DB8EF] - 26/11/2010 - 09:59:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY1.zhp [794]

O44 - LFC:[MD5.9A053C77CF259B688893A0305AC04811] - 26/11/2010 - 09:59:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY0.zhp [1224]

O44 - LFC:[MD5.676AB7388F8DB9C7C1BE641138115F46] - 26/11/2010 - 09:40:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[2].txt [2825]

O44 - LFC:[MD5.63A08D4B4BD8CE57D5BA767F1EDDA68A] - 26/11/2010 - 09:33:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [2770]

O44 - LFC:[MD5.9BB813E9F1944872E8A840F334735BE3] - 25/11/2010 - 12:41:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FNTCACHE.DAT [109400]

O44 - LFC:[MD5.6F84F1C3D72F8E03EB4875F5B811C0E9] - 25/11/2010 - 10:23:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\TZLog.log [494050]

O44 - LFC:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2010 - 10:08:44 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgntflt.sys [56816]

O44 - LFC:[MD5.A7D5BA8EAD47A62AD33674F59FBA263C] - 25/11/2010 - 09:56:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ModemLog_PCI SoftV92 Data Fax Modem with SmartCP.txt [3896]

O44 - LFC:[MD5.ABDA9AD3F76C346F1190571AAE70ACE6] - 25/11/2010 - 09:56:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.TMP [3416]

O44 - LFC:[MD5.472DE68B398C83AF16A5543356D52ED8] - 25/11/2010 - 09:56:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [77816]

O44 - LFC:[MD5.8344F216B11BCD7A0ECA408724061C37] - 25/11/2010 - 09:56:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [474196]

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:[MD5.682FC55D407EEAD31EC0D5B359C47E7A] - 25/11/2010 - 09:53:23 ---A- - C:\WINDOWS\Prefetch\NDP1.1SP1-KB953297-X86.EXE-33E8E47A.pf

O45 - LFCP:[MD5.C33339DB42D368A5C825A2178E543922] - 25/11/2010 - 09:54:37 ---A- - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf

O45 - LFCP:[MD5.6AE1257A8EDBB681F1461F4406FD9A0A] - 25/11/2010 - 09:55:16 ---A- - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf

O45 - LFCP:[MD5.3A5A646204E5655D991ABB4312295500] - 25/11/2010 - 09:55:21 ---A- - C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf

O45 - LFCP:[MD5.5E74C158D697847C75B430276F697F43] - 25/11/2010 - 09:55:22 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC69D2D.pf

O45 - LFCP:[MD5.C1A496A00E839E4317F1DD44A18B434C] - 25/11/2010 - 09:55:27 ---A- - C:\WINDOWS\Prefetch\ATI2MDXX.EXE-00F23993.pf

O45 - LFCP:[MD5.B3BC9904B253859CE55A8A222D1A9BF0] - 25/11/2010 - 09:55:32 ---A- - C:\WINDOWS\Prefetch\ALICEAGENT.EXE-09F1BB91.pf

O45 - LFCP:[MD5.0B3932284C19551F613D7CF1F2FC0157] - 25/11/2010 - 09:55:41 ---A- - C:\WINDOWS\Prefetch\MSN6.EXE-2001F6AE.pf

O45 - LFCP:[MD5.50B22101A4F60FACE9DFF489D9B7F861] - 25/11/2010 - 09:55:48 ---A- - C:\WINDOWS\Prefetch\PCSPEEDSCAN.EXE-04DC3243.pf

O45 - LFCP:[MD5.4901F5E2477A2BC061F615977AC57232] - 25/11/2010 - 09:55:50 ---A- - C:\WINDOWS\Prefetch\SKYPE.EXE-30AE1A60.pf

O45 - LFCP:[MD5.D13035D43A66E2871707E98536B0F4ED] - 25/11/2010 - 09:56:03 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-0DCBEDBC.pf

O45 - LFCP:[MD5.F75E562D76BE15C6A693B59998F76B29] - 25/11/2010 - 09:57:10 ---A- - C:\WINDOWS\Prefetch\SKYPEPM.EXE-2BC7DD5C.pf

O45 - LFCP:[MD5.0364B4DDE248D6A80E71CC32BD826DE5] - 25/11/2010 - 09:57:58 ---A- - C:\WINDOWS\Prefetch\GTB61.TMP.EXE-34971157.pf

O45 - LFCP:[MD5.569ED68D31913A011D33AD87254B06CC] - 25/11/2010 - 09:59:37 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-07054387.pf

O45 - LFCP:[MD5.E05B5507C309C060D0AFE731C2884217] - 25/11/2010 - 09:59:53 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-09D87D3A.pf

O45 - LFCP:[MD5.FE1FCB60B12E15341714F9124B33943B] - 25/11/2010 - 10:01:06 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-259F8060.pf

O45 - LFCP:[MD5.25BB6780906A1F8769A8562939B66EE3] - 25/11/2010 - 10:02:01 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-1B3BE691.pf

O45 - LFCP:[MD5.290B253822DF2434BCF25D93CCD71CB7] - 25/11/2010 - 10:02:02 ---A- - C:\WINDOWS\Prefetch\CHROME_INSTALLER.EXE-030E66A2.pf

O45 - LFCP:[MD5.0B30917A7504F4AADDF93F1C67537AD2] - 25/11/2010 - 10:02:11 ---A- - C:\WINDOWS\Prefetch\EXPAND.EXE-2490DB85.pf

O45 - LFCP:[MD5.BE362FD233CF1CFB26C0117C1B57F018] - 25/11/2010 - 10:02:18 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-0750C8A1.pf

O45 - LFCP:[MD5.D4CD161DDC192B64441969CF4CC7FC0C] - 25/11/2010 - 10:02:36 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-187A1067.pf

O45 - LFCP:[MD5.2F1E9D96E9777FC57725A78BA20438F6] - 25/11/2010 - 10:07:36 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-041ACCC5.pf

O45 - LFCP:[MD5.17775EDA718F9B3842E59FEBBF146633] - 25/11/2010 - 10:07:58 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0CA8611A.pf

O45 - LFCP:[MD5.33AA636E75B373708C387233CCADA64C] - 25/11/2010 - 10:08:19 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-313B5F3B.pf

O45 - LFCP:[MD5.7996FF54CB37935D1A82E79EBC06E488] - 25/11/2010 - 10:08:44 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0C8116DA.pf

O45 - LFCP:[MD5.E4323392C871E4C4B2A5F6D8F66079C7] - 25/11/2010 - 10:09:04 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-363912A9.pf

O45 - LFCP:[MD5.693C22019C8B7409F739890FE4F3C3E0] - 25/11/2010 - 10:09:21 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-0561B6A9.pf

O45 - LFCP:[MD5.D76D83CA8B6DF7EFA49EF713B297930D] - 25/11/2010 - 10:09:31 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-21BAE8F7.pf

O45 - LFCP:[MD5.9A839961BA38FC433F3FD265D5285515] - 25/11/2010 - 10:09:41 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-22D136CB.pf

O45 - LFCP:[MD5.ECCE3B69BFDB207681B2D41285AFC716] - 25/11/2010 - 10:10:01 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-334FA3F8.pf

O45 - LFCP:[MD5.0651BB2A25F8E744335AB262ED802999] - 25/11/2010 - 10:10:22 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-1F6D3697.pf

O45 - LFCP:[MD5.D35A730C088FC4DE9894588799283F53] - 25/11/2010 - 10:10:31 ---A- - C:\WINDOWS\Prefetch\UPDATE.EXE-16FFEC3B.pf

O45 - LFCP:[MD5.B41606632E8FBF004590A73DDCF75401] - 25/11/2010 - 10:11:37 ---A- - C:\WINDOWS\Prefetch\AVGNT.EXE-200FEF40.pf

O45 - LFCP:[MD5.833DC255809F724262267A0786948FE3] - 25/11/2010 - 10:41:07 ---A- - C:\WINDOWS\Prefetch\SILVERLIGHT.3.0.EXE-1FD84011.pf

O45 - LFCP:[MD5.C7702245C04BBA79FF9A7D927D038832] - 25/11/2010 - 11:09:18 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2576181F.pf

O45 - LFCP:[MD5.681C5FA932ED0D865B3A8D7264099678] - 25/11/2010 - 11:17:47 ---A- - C:\WINDOWS\Prefetch\MRT.EXE-1B4A8D49.pf

O45 - LFCP:[MD5.ADD2767A0CF0B475C5D10B8422D20CEA] - 25/11/2010 - 12:28:55 ---A- - C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf

O45 - LFCP:[MD5.90B73D37B9D802DFA53EC716E00D909E] - 25/11/2010 - 12:37:43 ---A- - C:\WINDOWS\Prefetch\YTBB.EXE-36089050.pf

O45 - LFCP:[MD5.7742886EF6F30C74FD1F993A926A5EED] - 25/11/2010 - 12:53:20 ---A- - C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf

O45 - LFCP:[MD5.6D68178F8B82428C256E777A5EC9E8C2] - 25/11/2010 - 18:18:04 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-06CCE10F.pf

O45 - LFCP:[MD5.D90B283FBB60F8C78CF419C96F7C8EBB] - 25/11/2010 - 18:23:54 ---A- - C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-3629C61D.pf

O45 - LFCP:[MD5.BB8A76C355C076DE03295DA20C15E45C] - 26/11/2010 - 09:28:04 ---A- - C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf

O45 - LFCP:[MD5.804836BE84875435103C8B9F5774CD32] - 26/11/2010 - 09:42:46 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf

O45 - LFCP:[MD5.F831E51BC7FAB295890465C63D8E6112] - 26/11/2010 - 09:59:58 ---A- - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf

O45 - LFCP:[MD5.AD29FB35E7500FEA796A242825EA8A83] - 26/11/2010 - 10:01:22 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1357CA32.pf

O45 - LFCP:[MD5.ED62A83648E87C617776699A7C7F405E] - 26/11/2010 - 10:01:22 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1F20A0D1.pf

O45 - LFCP:[MD5.938908104A16AEEE7A4A57135CEEB6F4] - 26/11/2010 - 10:01:27 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf

O45 - LFCP:[MD5.BBADFB4D35F4143C120D9B9D7B24CB07] - 26/11/2010 - 10:48:06 ---A- - C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-200975B6.pf

O45 - LFCP:[MD5.2BA16A881C57BA9E7C984EA5C76B8B9A] - 26/11/2010 - 11:54:27 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf

O45 - LFCP:[MD5.250B5C3D58A3DF0A98D28699B0832495] - 28/11/2010 - 12:19:55 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-3AB369BE.pf

O45 - LFCP:[MD5.B517C12B24308099F2B578625A8A2F8E] - 28/11/2010 - 12:22:23 ---A- - C:\WINDOWS\Prefetch\DW20.EXE-0F7C73AD.pf

O45 - LFCP:[MD5.28801F74543287E2F94605BF08C93D35] - 28/11/2010 - 12:35:39 ---A- - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf

O45 - LFCP:[MD5.1FDB9C6B3815B77BB15D577FAFE1F521] - 28/11/2010 - 12:46:00 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf

O45 - LFCP:[MD5.9DF48A4181109F30FDADF014004859B6] - 28/11/2010 - 12:48:14 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf

O45 - LFCP:[MD5.E91FF63A073E74057F78A16CE79BDF32] - 28/11/2010 - 12:52:34 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf

O45 - LFCP:[MD5.49E8B052995033D6F55732C522AB0EEC] - 28/11/2010 - 12:55:58 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:[MD5.7194E2B74FC2ED5F0F25C0620AC29CF3] - 28/11/2010 - 12:55:59 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf

O45 - LFCP:[MD5.252D0F993C1D32244D75CA8F3531355F] - 28/11/2010 - 12:56:17 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf

O45 - LFCP:[MD5.03BE2F6FD15D73888038AC7AC4C45CF3] - 28/11/2010 - 12:56:33 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf

O45 - LFCP:[MD5.5F63A678F51014A0BA187D3D1C6FF199] - 28/11/2010 - 12:56:35 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf

O45 - LFCP:[MD5.259F3DE148EB62840C139268B7FBB6C6] - 28/11/2010 - 12:56:55 ---A- - C:\WINDOWS\Prefetch\MSMSGS.EXE-2B6052DE.pf

O45 - LFCP:[MD5.880A8C06967B045EE8F8BE481096E63A] - 28/11/2010 - 13:06:14 ---A- - C:\WINDOWS\Prefetch\MSFEEDSSYNC.EXE-25E13438.pf

O45 - LFCP:[MD5.8D5951B9E2A53C3E8C27D15535D29CB1] - 28/11/2010 - 13:08:22 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe" [Disabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ftp.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French\setup.exe" [Disabled] .(.Kaspersky Lab - .) (.not file.) -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\French\setup.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Disabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) (.not file.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\System32\LCODCCMP.DLL

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\System32\LCODCCMP.DLL

O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10 Audio CODEC" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech(TM) Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo codec by Intel" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \drivers.desc\"iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\ccApp [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

O53 - SMSR:HKLM\...\startupreg\Clavier+ [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Clavier+\Clavier.exe

O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O53 - SMSR:HKLM\...\startupreg\RegistryDoktorFrNET [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Registry Doktor 4.1\RegistryDoktor.exe

O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Skype\Phone\Skype.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Accès MSN Internet.) -- C:\WINDOWS\system32\msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Accès MSN Internet.) -- C:\WINDOWS\system32\msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.F8A6018193BE629B8EA4C5D7B2452B70] - 16/09/2004 - 13:26:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\ADFUUD.SYS

O58 - SDL:[MD5.BA88534A3CEB6161E7432438B9EA4F54] - 24/02/2004 - 11:08:52 R--A- . (.Sensaura - Sensaura WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS

O58 - SDL:[MD5.647B8E33E1166829889502A3DF2A7BA8] - 28/04/2004 - 18:10:22 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS

O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 19:36:39 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys

O58 - SDL:[MD5.A2F791E99FD6EECEBCCFB1953A1D6F24] - 19/08/2004 - 23:53:38 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\drivers\ati2mtaa.sys

O58 - SDL:[MD5.49C75E63B8B23B0E534447BA25CE2E76] - 12/08/2004 - 22:14:46 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

O58 - SDL:[MD5.993E7BD6438FE989E328C6B4BCA246A9] - 04/08/2004 - 06:29:27 ---A- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\drivers\atinbtxx.sys

O58 - SDL:[MD5.ED4C2BF8403F4437987C0BA09CF48716] - 04/08/2004 - 06:29:28 ---A- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys

O58 - SDL:[MD5.E90AC2B14E98F1A4372E5891B4278784] - 04/08/2004 - 06:29:29 ---A- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys

O58 - SDL:[MD5.DA36687D701C833430605A298731410B] - 04/08/2004 - 06:29:29 ---A- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\drivers\atinraxx.sys

O58 - SDL:[MD5.A7A01B907DB63898D40B0A14248FF9A2] - 04/08/2004 - 06:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys

O58 - SDL:[MD5.CEDDEE2E0591894D19654D458FD3B9BE] - 04/08/2004 - 06:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\drivers\atinsnxx.sys

O58 - SDL:[MD5.D80A8F6C0A717446496C3A06D33B0D9C] - 04/08/2004 - 06:29:30 ---A- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\drivers\atinttxx.sys

O58 - SDL:[MD5.EDD66332608D27F4FD5069BCD0BC5164] - 04/08/2004 - 06:29:31 ---A- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\drivers\atintuxx.sys

O58 - SDL:[MD5.3E7D485CBD0B0D9F6EA2AD9442411831] - 04/08/2004 - 06:29:31 ---A- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\drivers\atinxbxx.sys

O58 - SDL:[MD5.77B575D7AAB35D5908AE6CE681608D62] - 04/08/2004 - 06:29:31 ---A- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys

O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 13/02/2

O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2010 - 10:08:44 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.2DAA8CC2670720DEDDCC74A20EDE2EE9] - 13/02/2009 - 11:28:39 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys

O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\WINDOWS\system32\drivers\avipbb.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 24/04/2003 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 24/04/2003 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 29/09/2004 - 07:11:42 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys

O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 29/09/2004 - 07:11:46 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys

O58 - SDL:[MD5.ABCB05CCDBF03000354B9553820E39F8] - 21/10/2005 - 18:52:48 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys

O58 - SDL:[MD5.128EF741B2293C36810561092B566B1C] - 13/11/2003 - 19:19:48 R--A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys

O58 - SDL:[MD5.CE545A84BF3411E7516FA8DA51AD9D93] - 13/11/2003 - 19:18:36 R--A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys

O58 - SDL:[MD5.9A0D0C461EF2B3D80CB7875B4B995E47] - 13/11/2003 - 19:17:00 R--A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys

O58 - SDL:[MD5.698204D9C2832E53633E53A30A53FC3D] - 22/07/2005 - 11:02:12 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 15:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 15:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.5110EDD87E2508F02B922E83A2487DFC] - 16/01/2004 - 15:21:48 R--A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 24/04/2003 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 04/08/2004 - 06:29:54 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys

O58 - SDL:[MD5.578101D3A57F00B78D6E176C712F1713] - 24/09/2003 - 18:00:00 R--A- . (.OmniVision Technologies Inc. - Dual Mode USB Camera 519 Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\drivers\ov519cmd.sys

O58 - SDL:[MD5.4CDADEC3DC1300EE1D313EA5494E6472] - 24/09/2003 - 18:00:00 R--A- . (.OmniVision Technologies, Inc. - Dual Mode USB Camera 519 Stream Class Mini Driver.) -- C:\WINDOWS\system32\drivers\ov519vid.sys

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 24/04/2003 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.7C81AE3C9B82BA2DA437ED4D31BC56CF] - 26/01/2005 - 02:03:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 24/04/2003 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 24/04/2003 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.2377F31CBB8277807C3351302CF133E9] - 03/08/2004 - 14:21:16 R--A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys

O58 - SDL:[MD5.419883201CA9AD697CCFB8FC46DD6F78] - 31/10/2008 - 07:09:06 R--A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall driver.) -- C:\WINDOWS\system32\drivers\SbFw.sys

O58 - SDL:[MD5.F01B8409A11C319E3C5B9DD418676D2C] - 21/06/2008 - 04:54:54 ---A- . (.Sunbelt Software, Inc. - Sunbelt Personal Firewall NDIS Intermediate driver.) -- C:\WINDOWS\system32\drivers\SbFwIm.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 09:47:45 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/08/2009 - 16:35:42 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.4D9BA04CD1AD49175ABAC61899C78CCF] - 20/06/2005 - 13:08:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\STK018W1.sys

O58 - SDL:[MD5.316F78801E4989B7A2B996C93AAF561F] - 20/06/2005 - 13:08:18 ---A- . (.Syntek Ltd. - Pas de description.) -- C:\WINDOWS\system32\drivers\STK018W2.sys

O58 - SDL:[MD5.B226F8A4D780ACDF76145B58BB791D5B] - 19/03/2008 - 14:27:37 ---A- . (.Symantec Corporation - Symantec Core Component.) -- C:\WINDOWS\system32\drivers\symlcbrd.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 24/04/2003 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 24/04/2003 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 24/04/2003 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 04/08/2004 - 06:45:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 04/08/2004 - 06:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 04/08/2004 - 06:45:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 04/08/2004 - 06:45:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 04/08/2004 - 06:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 25/11/2010 - 09:54:00 -SHA- C:\Documents And Settings\samira\Application Data\Microsoft\Protect\S-1-5-21-1547161642-1364589140-839522115-1005\Preferred [24]

O61 - LFC:Last File Created 25/11/2010 - 09:54:00 -SHA- C:\Documents And Settings\samira\Application Data\Microsoft\Protect\S-1-5-21-1547161642-1364589140-839522115-1005\c605efff-1b6c-41c3-97cc-bb9d39a8bc53 [388]

O61 - LFC:Last File Created 25/11/2010 - 09:55:59 ---A- C:\Documents And Settings\samira\Bureau\Raccourcis Bureau non utilisés\Google Chrome.lnk [1813]

O61 - LFC:Last File Created 25/11/2010 - 09:56:04 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [552]

O61 - LFC:Last File Created 25/11/2010 - 09:56:04 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 [132]

O61 - LFC:Last File Created 25/11/2010 - 09:57:31 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 [898]

O61 - LFC:Last File Created 25/11/2010 - 09:57:31 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 [94]

O61 - LFC:Last File Created 25/11/2010 - 09:57:37 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 [96019]

O61 - LFC:Last File Created 25/11/2010 - 09:57:37 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 [124]

O61 - LFC:Last File Created 25/11/2010 - 09:57:42 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8 [341]

O61 - LFC:Last File Created 25/11/2010 - 09:57:42 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8 [126]

O61 - LFC:Last File Created 25/11/2010 - 09:57:47 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165 [413]

O61 - LFC:Last File Created 25/11/2010 - 09:57:47 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165 [98]

O61 - LFC:Last File Created 25/11/2010 - 10:05:58 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Google Chrome\Désinstaller Google Chrome.lnk [1987]

O61 - LFC:Last File Created 25/11/2010 - 10:05:58 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Google Chrome\Google Chrome.lnk [1825]

O61 - LFC:Last File Created 25/11/2010 - 10:07:13 ---A- C:\Documents And Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\pxml.xml [116612]

O61 - LFC:Last File Created 25/11/2010 - 10:11:30 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\User StyleSheets\Custom.css [0]

O61 - LFC:Last File Created 25/11/2010 - 10:13:06 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\a013a267.avl [4272]

O61 - LFC:Last File Created 25/11/2010 - 10:13:07 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\Upd-2010-11-25-10-03-03.log [110130]

O61 - LFC:Last File Created 25/11/2010 - 10:15:47 ---A- C:\Documents And Settings\samira\Mes documents\Downloads\S4_Downloader.exe [131548]

O61 - LFC:Last File Created 25/11/2010 - 10:33:04 ---A- C:\Documents And Settings\samira\Bureau\S4League.exe [746252234]

O61 - LFC:Last File Created 25/11/2010 - 10:37:24 ---A- C:\Documents And Settings\samira\Application Data\Skype\sami-ra1\config.xml [8054]

O61 - LFC:Last File Created 25/11/20

10 - 10:37:29 ---A- C:\Documents And Settings\samira\Application Data\Skype\sami-ra1\main.db [430080]

O61 - LFC:Last File Created 25/11/2010 - 10:38:10 ---A- C:\Documents And Settings\All Users\Application Data\Skype\Plugins\_sstore.dat [916]

O61 - LFC:Last File Created 25/11/2010 - 11:01:52 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\alaplaya\S4League\S4League.lnk [1707]

O61 - LFC:Last File Created 25/11/2010 - 11:01:52 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\alaplaya\S4League\Uninstall S4League.lnk [2208]

O61 - LFC:Last File Created 25/11/2010 - 11:02:46 ---A- C:\Documents And Settings\All Users\Bureau\S4League.lnk [1499]

O61 - LFC:Last File Created 25/11/2010 - 11:02:47 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\alaplaya\S4League\Goto S4League Homepage.url [47]

O61 - LFC:Last File Created 25/11/2010 - 11:06:33 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight\Microsoft Silverlight.lnk [1986]

O61 - LFC:Last File Created 25/11/2010 - 11:10:53 ---A- C:\Documents And Settings\samira\Application Data\Microsoft\Windows\Themes\Custom.theme [7892]

O61 - LFC:Last File Created 25/11/2010 - 11:12:48 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Microsoft\Wallpaper1.bmp [14745654]

O61 - LFC:Last File Created 25/11/2010 - 11:27:21 --HA- C:\Documents And Settings\Utilisateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024]

O61 - LFC:Last File Created 25/11/2010 - 11:27:37 --HA- C:\Documents And Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [1024]

O61 - LFC:Last File Created 25/11/2010 - 11:27:37 --HA- C:\Documents And Settings\Administrateur\NTUSER.DAT.LOG [1024]

O61 - LFC:Last File Created 25/11/2010 - 12:11:31 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\AVSCAN-20101125-120014-7FEDA410.LOG [19570]

O61 - LFC:Last File Created 25/11/2010 - 12:11:31 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\588c284b.avl [1638]

O61 - LFC:Last File Created 25/11/2010 - 12:20:19 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe [6153351]

O61 - LFC:Last File Created 25/11/2010 - 12:21:33 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware.lnk [708]

O61 - LFC:Last File Created 25/11/2010 - 12:21:34 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Désinstaller Malwarebytes' Anti-Malware.lnk [732]

O61 - LFC:Last File Created 25/11/2010 - 12:21:34 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware Help.lnk [708]

O61 - LFC:Last File Created 25/11/2010 - 12:27:05 ---A- C:\Documents And Settings\All Users\Application Data\Skype\Plugins\local_store.dat [988]

O61 - LFC:Last File Created 25/11/2010 - 12:36:14 ---A- C:\Documents And Settings\All Users\Application Data\NortonInstaller\Logs\11-25-2010-12h35m34s\Install.1.mft.7z [4227]

O61 - LFC:Last File Created 25/11/2010 - 12:36:15 ---A- C:\Documents And Settings\All Users\Application Data\NortonInstaller\Logs\11-25-2010-12h35m34s\NortonInstall-11-25-2010-12h35m34s.log [89740]

O61 - LFC:Last File Created 25/11/2010 - 12:36:17 ---A- C:\Documents And Settings\All Users\Application Data\NortonInstaller\Logs\11-25-2010-12h36m15s\NortonInstall-11-25-2010-12h36m15s.log [9948]

O61 - LFC:Last File Created 25/11/2010 - 12:37:06 ---A- C:\Documents And Settings\samira\Application Data\skypePM\2010-11-25-1.ezlog [45608]

O61 - LFC:Last File Created 25/11/2010 - 12:37:52 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4d1e4ac0.qua [221602]

O61 - LFC:Last File Created 25/11/2010 - 12:37:55 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4d1e4ac1.qua [7667194]

O61 - LFC:Last File Created 25/11/2010 - 12:37:57 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\REPORTS\8c2769e1.avl [1714]

O61 - LFC:Last File Created 25/11/2010 - 12:38:08 -SHA- C:\Documents And Settings\LocalService\IETldCache\index.dat [16384]

O61 - LFC:Last File Created 25/11/2010 - 12:38:09 ---A- C:\Documents And Settings\All Users\Application Data\Avira\AntiVir Desktop\LOGFILES\AVSCAN-20101125-103720-5AD87169.LOG [22886]

O61 - LFC:Last File Created 25/11/2010 - 12:38:46 -SHA- C:\Documents And Settings\LocalService\Mes documents\desktop.ini [78]

O61 - LFC:Last File Created 25/11/2010 - 12:39:16 ---A- C:\Documents And Settings\LocalService\Mes documents\AVSCAN-20101125-103720-5AD87169.LOG [22886]

O61 - LFC:Last File Created 25/11/2010 - 12:39:37 ---A- C:\Documents And Settings\samira\Application Data\Skype\sami-ra1\dc.db [675840]

O61 - LFC:Last File Created 25/11/2010 - 12:48:41 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites [12288]

O61 - LFC:Last File Created 25/11/2010 - 12:48:59 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\7634B.cab [2214]

O61 - LFC:Last File Created 25/11/2010 - 12:48:59 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\7634B.txt [2642]

O61 - LFC:Last File Created 25/11/2010 - 12:52:49 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data [12288]

O61 - LFC:Last File Created 25/11/2010 - 12:53:12 ---A- C:\Documents And Settings\samira\Application Data\Sun\Java\Deployment\deployment.properties [665]

O61 - LFC:Last File Created 25/11/2010 - 12:54:32 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eemcgdkfndhakfknompkggombfjjjeno_0.localstorage [3072]

O61 - LFC:Last File Created 25/11/2010 - 12:56:51 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks [8252]

O61 - LFC:Last File Created 25/11/2010 - 12:56:51 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks.bak [8252]

O61 - LFC:Last File Created 25/11/2010 - 13:00:34 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\11FEC0.cab [2214]

O61 - LFC:Last File Created 25/11/2010 - 13:00:34 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\11FEC0.txt [2642]

O61 - LFC:Last File Created 25/11/2010 - 13:33:40 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Cookies [6144]

O61 - LFC:Last File Created 25/11/2010 - 13:33:54 ---A- C:\Documents And Settings\samira\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.52074 [110]

O61 - LFC:Last File Created 25/11/2010 - 13:33:54 ---A- C:\Documents And Settings\samira\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.52074 [63]

O61 - LFC:Last File Created 25/11/2010 - 13:34:00 ---A- C:\Documents And Settings\samira\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-11-25 (13-34-00).txt [1125]

O61 - LFC:Last File Created 25/11/2010 - 13:35:13 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\config.dat [778]

O61 - LFC:Last File Created 25/11/2010 - 13:35:13 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\link.txt [138]

O61 - LFC:Last File Created 25/11/2010 - 13:35:13 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\local.dat [87]

O61 - LFC:Last File Created 25/11/2010 - 13:35:13 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\news.txt [138]

O61 - LFC:Last File Created 25/11/2010 - 13:35:13 ---A- C:\Documents And Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [5741270]

O61 - LFC:Last File Created 25/11/2010 - 13:38:18 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\348A12.cab [2144]

O61 - LFC:Last File Created 25/11/2010 - 13:38:18 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\348A12.txt [2642]

O61 - LFC:Last File Created 25/11/2010 - 17:29:55 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\15EFD8.cab [2252]

O61 - LFC:Last File Created 25/11/2010 - 17:29:55 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\15EFD8.txt [2642]

O61 - LFC:Last File Created 25/11/2010 - 17:34:09 ---A- C:\Documents And Settings\samira\Mes documents\Downloads\everesthome220.exe [4179293]

O61 - LFC:Last File Created 25/11/2010 - 17:34:34 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lavalys\EVEREST Home Edition\EVEREST Home Edition Documentation.lnk [785]

O61 - LFC:Last File Created 25/11/2010 - 17:34:34 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lavalys\EVEREST Home Edition\EVEREST Home Edition on the Web.lnk [601]

O61 - LFC:Last File Created 25/11/2010 - 17:34:34 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lavalys\EVEREST Home Edition\EVEREST Home Edition.lnk [785]

O61 - LFC:Last File Created 25/11/2010 - 17:34:34 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lavalys\EVEREST Home Edition\Uninstall EVEREST Home Edition.lnk [792]

O61 - LFC:Last File Created 25/11/2010 - 17:34:34 ---A- C:\Documents And Settings\samira\Bureau\EVEREST Home Edition.lnk [767]

O61 - LFC:Last File Created 25/11/2010 - 17:35:26 ---A- C:\Documents And Settings\samira\Application Data\Microsoft\HTML Help\hh.dat [10482]

O61 - LFC:Last File Created 25/11/2010 - 17:52:11 ---A- C:\Documents And Settings\samira\Mes documents\Downloads\ZHPDiag.zip [2209119]

O61 - LFC:Last File Created 25/11/2010 - 18:02:39 ---A- C:\Documents And Settings\samira\Mes documents\ZHPDiag.Txt [116935]

O61 - LFC:Last File Created 25/11/2010 - 18:05:45 ---A- C:\Documents And Settings\All Users\Bureau\MBRCheck.lnk [673]

O61 - LFC:Last File Created 25/11/2010 - 18:05:45 ---A- C:\Documents And Settings\All Users\Bureau\ZHPDiag.lnk [666]

O61 - LFC:Last File Created 25/11/2010 - 18:05:45 ---A- C:\Documents And Settings\All Users\Bureau\ZHPFix.lnk [661]

O61 - LFC:Last File Created 25/11/2010 - 18:05:45 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\ZHP\ZHPDiag.lnk [439]

O61 - LFC:Last File Created 25/11/2010 - 18:18:04 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Toolbar Cache\6.4.1321.1732\fr\translate_languages.json.content [1481]

O61 - LFC:Last File Created 25/11/2010 - 18:19:07 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\Content\0797C381B2F87EB5A1D5573BD15BA4F4 [34239]

O61 - LFC:Last File Created 25/11/2010 - 18:19:07 -S-A- C:\Documents And Settings\samira\Application Data\Microsoft\CryptnetUrlCache\MetaData\0797C381B2F87EB5A1D5573BD15BA4F4 [132]

O61 - LFC:Last File Created 25/11/2010 - 18:19:08 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384]

O61 - LFC:Last File Created 25/11/2010 - 18:19:08 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768]

O61 - LFC:Last File Created 25/11/2010 - 18:19:54 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [4232]

O61 - LFC:Last File Created 25/11/2010 - 18:19:54 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [5471]

O61 - LFC:Last File Created 25/11/2010 - 18:20:45 ---A- C:\Documents And Settings\samira\Bureau\mbam-log-2010-11-25 (13-34-00).txt [1125]

O61 - LFC:Last File Created 25/11/2010 - 19:03:14 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Microsoft\Windows\UsrClass.bak [262144]

O61 - LFC:Last File Created 25/11/2010 - 19:04:22 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\6C6999.cab [2147]

O61 - LFC:Last File Created 25/11/2010 - 19:04:22 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\6C6999.txt [2642]

O61 - LFC:Last File Created 26/11/2010 - 09:25:33 -SHA- C:\Documents And Settings\samira\Local Settings\Historique\History.IE5\MSHist012010112620101127\index.dat [32768]

O61 - LFC:Last File Created 26/11/2010 - 09:31:51 ---A- C:\Documents And Settings\samira\Bureau\AD-R.lnk [1554]

O61 - LFC:Last File Created 26/11/2010 - 10:02:33 -SH-- C:\Documents And Settings\samira\Local Settings\Temporary Internet Files\desktop.ini [67]

O61 - LFC:Last File Created 26/11/2010 - 10:02:33 -SHA- C:\Documents And Settings\samira\IECompatCache\index.dat [868352]

O61 - LFC:Last File Created 26/11/2010 - 10:02:33 -SHA- C:\Documents And Settings\samira\Recent\Desktop.ini [150]

O61 - LFC:Last File Created 26/11/2010 - 10:02:35 ----- C:\Documents And Settings\samira\Local Settings\Temporary Internet Files\SuggestedSites.dat [5242991]

O61 - LFC:Last File Created 26/11/2010 - 10:02:35 -SH-- C:\Documents And Settings\samira\Local Settings\Historique\History.IE5\desktop.ini [67]

O61 - LFC:Last File Created 26/11/2010 - 10:02:40 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\index [524656]

O61 - LFC:Last File Created 26/11/2010 - 10:02:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History [53248]

O61 - LFC:Last File Created 26/11/2010 - 10:02:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000001 [30601]

O61 - LFC:Last File Created 26/11/2010 - 10:02:43 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000002 [34942]

O61 - LFC:Last File Created 26/11/2010 - 10:02:52 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000003 [21357]

O61 - LFC:Last File Created 26/11/2010 - 10:02:52 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000004 [18548]

O61 - LFC:Last File Created 26/11/2010 - 10:02:53 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000005 [28465]

O61 - LFC:Last File Created 26/11/2010 - 10:02:55 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000006 [35335]

O61 - LFC:Last File Created 26/11/2010 - 10:02:57 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000007 [20478]

O61 - LFC:Last File Created 26/11/2010 - 10:02:57 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000008 [51343]

O61 - LFC:Last File Created 26/11/2010 - 10:02:57 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000009 [34947]

O61 - LFC:Last File Created 26/11/2010 - 10:03:17 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00000a [33209]

O61 - LFC:Last File Created 26/11/2010 - 10:03:18 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00000b [35892]

O61 - LFC:Last File Created 26/11/2010 - 10:03:19 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00000d [112173]

O61 - LFC:Last File Created 26/11/2010 - 10:03:20 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00000e [20336]

O61 - LFC:Last File Created 26/11/2010 - 10:03:58 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00000f [51343]

O61 - LFC:Last File Created 26/11/2010 - 10:04:59 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000011 [50350]

O61 - LFC:Last File Created 26/11/2010 - 10:05:33 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000013 [27045]

O61 - LFC:Last File Created 26/11/2010 - 10:05:33 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000014 [82823]

O61 - LFC:Last File Created 26/11/2010 - 10:05:34 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000015 [32933]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000017 [22888]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000018 [35476]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000019 [37193]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00001a [66583]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00001b [58080]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00001c [41801]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00001d [51746]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00001e [102812]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00001f [102395]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000020 [43730]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000021 [66153]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000022 [57850]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000023 [36416]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000024 [60336]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000025 [50489]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000026 [41846]

O61 - LFC:Last File Created 26/11/2010 - 10:10:08 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000027 [58077]

O61 - LFC:Last File Created 26/11/2010 - 10:10:09 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000028 [38675]

O61 - LFC:Last File Created 26/11/2010 - 10:10:09 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000029 [42040]

O61 - LFC:Last File Created 26/11/2010 - 10:10:41 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002a [18602]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002b [41165]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002c [16967]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002d [27116]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002e [27254]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00002f [32140]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000030 [38040]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000031 [28446]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000032 [53797]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000033 [31553]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000034 [29030]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000035 [34035]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000036 [29418]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000037 [41417]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000038 [65863]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000039 [116020]

O61 - LFC:Last File Created 26/11/2010 - 10:10:42 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00003a [56305]

O61 - LFC:Last File Created 26/11/2010 - 10:11:57 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00003b [22688]

O61 - LFC:Last File Created 26/11/2010 - 10:11:57 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00003c [22365]

O61 - LFC:Last File Created 26/11/2010 - 10:11:58 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00003d [38882]

O61 - LFC:Last File Created 26/11/2010 - 10:12:00 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00003e [16833]

O61 - LFC:Last File Created 26/11/2010 - 10:12:00 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_00003f [19566]

O61 - LFC:Last File Created 26/11/2010 - 10:12:05 ---A- C:\Documents And Settings\samira\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_000040 [17170]

O61 - LFC:Last File Created 26/11/2010 - 10:12:11 ---A- C:\Documents And Settings\samira\Local Settings\Applicatio