~ Rapport de ZHPDiag v2013.8.15.24 - Nicolas Coolman (2013-08-15)
~ Lancé par Administrateur (2013-08-17 10:09:21)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 23.0.1
GCIE: Google Chrome v28.0.1500.95

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Kaspersky PURE 3.0 v13.0.2.558

---\\ Logiciels d'optimisation du système
CCleaner v4.04 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 25

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3055 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 442 GB (94%) free of 466 GB

---\\ Mode de connexion au système
~ Computer Name: ADMINISTRATEUR
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 442 
Go of 466 Go) D:\ CD-ROM drive (Not Inserted) E:\ CD-ROM drive (Not Inserted) F:\ CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 32 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/6 ~ Mes musiques (My Musics) : 1/2 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 1/87 ~ Mon Bureau (My Desktop) : 0/8 ~ Menu demarrer (Programs) : 1/56 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés au démarrage su système [MD5.121F65BB9401126D3292695CD8D0DF95] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [643072] [PID.1500] [MD5.F45DD1E1365D857DD08BC23563370D0E] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592] [PID.1700] [MD5.8C72E0E88E5A1A70691135864F2F7F1B] - (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) -- C:\WINDOWS\system32\vcsFPService.exe [1664304] [PID.1832] [MD5.03F6CF42A1DB74290448CDE668578C87] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\STacSV.exe [254034] [PID.604] [MD5.F40C8C9DBABFD6611404EE36127D6326] - (.Hewlett-Packard Corporation - Hp Accelerometer System Tray.) -- C:\WINDOWS\System32\accelerometerST.exe [70200] [PID.988] [MD5.C6CDA4E093DD3B2977F87DA498827FCB] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968] [PID.996] [MD5.F000470246FE15E127DB5536558A5B9C] - (.PSA PEUGEOT CITROEN - HttpAgt.) -- C:\APP\ddc\bin\psaagent.exe [147456] [PID.1028] [MD5.D69FF8A90B0DD791A2660461BCA48991] - (...) -- C:\APP\ediag\eclipse.exe [57344] [PID.1056] [MD5.B5CCDE6BA6636E2614DD7ABD820A141B] - (.International Business Machines Corporation - J9 launcher (without console window).) -- C:\APP\ediag\importedj9\jre\bin\j9w.exe [69632] [PID.1080] [MD5.2DF81CB002F5EFD9A6F1391B71C723FF] - (.SPX Service Solutions - ASDE communication Server.) 
-- C:\Program Files\Fichiers communs\sagem SA\DgIpSvr.exe [315492] [PID.1032] [MD5.9428C1CC03CA43DA67A2DE36A7598FB0] - (...) -- C:\APP\SIM\sim.exe [57344] [PID.1108] [MD5.20DA53D4143C03BC0DF60513A1A795AD] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [636256] [PID.1140] [MD5.6416F9B6B220F0A890525C38235AFAD7] - (.LSI Corporation - LSI Soft Modem Call Progress Service.) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336] [PID.2308] [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2320] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2372] [MD5.0F9FE82E229C039F0AC1996E44059653] - (.Infowatch - InfoWatch CryptoStorage Protected objects c.) -- C:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040] [PID.2396] [MD5.83158CA47591AF55A9759B5C648B0462] - (...) -- C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe [687104] [PID.2528] [MD5.EAFA072D9BF7E2A230A3CC7107481AFC] - (.The Firebird Project - Firebird SQL Server.) -- C:\AWRoot\bin\lib\firebird\bin\fbguard.exe [65536] [PID.2736] [MD5.75ECB81500C381948029987B54E1C552] - (.FabulaTech - Serial Port Splitter service.) -- C:\WINDOWS\system32\ftspssrv.exe [708608] [PID.2752] [MD5.9ECF00E19736054E019C532AED8228FC] - (.Oracle Corporation - Java Quick Starter Service.) -- c:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.2884] [MD5.BB4E55778D8DE3885E1CDAC795DE7BCE] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2920] [MD5.F86DC18B1C25A014E2D4C4625CC8146B] - (.CybelSoft - Service de détection matériel.) 
-- C:\Program Files\ma-config.com\MaConfigAgent.exe [1783632] [PID.2952] [MD5.44AA8D5D3B3B5610FEF46CA8A9C52D8C] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.3664] [MD5.B9DBBBB70EBBCD7880AF03C33B2312BB] - (.Broadcom Corporation. - Bluetooth Support Server.) -- c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [365912] [PID.4004] [MD5.01FE3287C438D28EB6753169B1F43381] - (.The Firebird Project - Firebird SQL Server.) -- C:\AWRoot\bin\lib\firebird\bin\fbserver.exe [1527893] [PID.2472] [MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.3024] [MD5.CAA7671C1B5E07028E104E0E0B8B2BF5] - (.Apache Software Foundation - Apache HTTP Server.) -- C:\APP\ddc\opt\apache\bin\httpd_ddc.exe [24647] [PID.4476] [MD5.3B43301EA8C135B7189474EB1E9846E8] - (...) -- C:\APP\ddc\bin\psaSingleSignOnDaemon.exe [417792] [PID.4508] [MD5.72EF708552059546B1AAA82E7AA59439] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.4752] [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.5748] [MD5.22F297689CAA74CB2BDBE964B8CC2562] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7823360] [PID.776] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) 
-- C:\WINDOWS\System32\alg.exe [44544] [PID.2116] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences ~ Google Browser: 1 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 1 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} . (.Kaspersky Lab - Autofill Engine for IE-based web browsers.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll O2 - BHO: Fast Free Converter 4.1 - {8232785C-5C98-4A6E-B7B4-911FFBED7582} . (.Fast Free Converter - Fast Free Converter.) -- C:\Program Files\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . 
(.Kaspersky Lab ZAO - Safe Money Plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll ~ BHO: 16 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Kaspersky Passsword Manager Toolbar - [HKLM]{215BA832-75A3-426E-A4FC-7C5B58CE6A10} . (.Kaspersky Lab - Autofill Engine for IE-based web browsers.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll ~ Toolbar: Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Corporation - Hp Accelerometer System Tray.) -- C:\WINDOWS\System32\accelerometerST.exe O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe O4 - HKLM\..\Run: [psastart] . (...) -- C:\APP\ddc\bin\psastart.exe O4 - HKLM\..\Run: [ediagStart] . (...) -- C:\APP\ediag\eDiagStart.lnk O4 - HKLM\..\Run: [SIM] . (...) -- C:\APP\SIM\SIMBat.lnk O4 - HKLM\..\Run: [ServeurIPAsde] . (.SPX Service Solutions - ASDE communication Server.) -- C:\Program Files\Fichiers communs\sagem SA\DgIpSvr.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] Clé orpheline O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O4 - GS\Programs: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Programs: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) 
-- C:\Program Files\Windows Defender\MSASCui.exe O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Global Startup: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\kbrd.ico O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- c:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico O9 - Extra button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) 
-- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\logo.ico O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com ~ IE Zone Confiance: Scanned in 00mn 01s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1376344196288 ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF6B4AB-635F-47D5-99E3-CB16E1DE5152}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{6DF6B4AB-635F-47D5-99E3-CB16E1DE5152}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{6DF6B4AB-635F-47D5-99E3-CB16E1DE5152}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 ~ Domain: Scanned in 00mn 00s ---\\ Titr_HJT34=Protocole additionnel (O18) O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) 
-- C:\WINDOWS\system32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: FastFreeConverterUpdt (FastFreeConverterUpdt) . (...) - C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) . (.The Firebird Project - Firebird SQL Server.) 
- C:\AWRoot\bin\lib\firebird\bin\fbguard.exe O23 - Service: Serial Port Splitter service (ftspssrv) . (.FabulaTech - Serial Port Splitter service.) - C:\WINDOWS\system32\ftspssrv.exe O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\WINDOWS\system32\vcsFPService.exe ~ Services: 17 Legitimates Filtered in 00mn 07s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys O41 - Driver: (sbaphd) . (. - .) - C:\WINDOWS\system32\drivers\sbaphd.sys (.not file.) ~ Drivers: 81 Legitimates Filtered in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: CLIP - (.SPX.) [HKLM] -- {9D143A8C-C66A-4E27-A602-C004F14EBA92} O42 - Logiciel: Fast Free Converter - (.Fast Free Converter.) [HKLM] -- Fast Free Converter O42 - Logiciel: SPS32_MSI - (.ACTIA.) [HKLM] -- {21AC2485-CC6F-4EC5-9735-28BA72140E07} O42 - Logiciel: Vista Rainbar 4.3 - (...) 
[HKLM] -- Vista Rainbar 4.3 ~ Logic: 106 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Visual Task Tips] [HKLM\Software\ACTIA] [HKLM\Software\DiagBox] [HKLM\Software\File Type Helper] [HKLM\Software\Hardware structure] [HKLM\Software\PCBD] [HKLM\Software\POUD] [HKLM\Software\SPX] [HKLM\Software\ZUpdater] ~ Key Software: 168 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 2009-01-16 - 00:52:42 - [17,602] ----D C:\Program Files\CONSOLE O43 - CFD: 2013-08-13 - 21:55:47 - [10,115] ----D C:\Program Files\DB Drivers O43 - CFD: 2013-08-14 - 23:04:10 - [0,231] ----D C:\Program Files\DiagBox O43 - CFD: 2013-08-13 - 21:41:50 - [1,569] ----D C:\Program Files\Fast Free Converter O43 - CFD: 2013-08-13 - 21:41:47 - [0,189] ----D C:\Program Files\File Type Helper O43 - CFD: 2009-01-15 - 21:20:14 - [137,762] ----D C:\Program Files\Jeux Windows O43 - CFD: 2013-08-13 - 18:31:33 - [1,409] ----D C:\Program Files\Logiciel O43 - CFD: 2009-02-03 - 17:27:54 - [35,033] ----D C:\Program Files\Outils Spécial XP³ O43 - CFD: 2013-08-14 - 17:24:10 - [14,026] ----D C:\Program Files\Vista Rainbar O43 - CFD: 2009-01-18 - 15:29:23 - [0,922] ----D C:\Program Files\Vista Start O43 - CFD: 2013-08-15 - 08:22:37 - [2,590] ----D C:\Documents and Settings\Administrateur\Application Data\Actia O43 - CFD: 2013-08-15 - 08:22:37 - [6,085] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia O43 - CFD: 2013-08-13 - 02:38:24 - [0,006] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Jeux Console O43 - CFD: 2013-08-13 - 02:40:57 - [0,007] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Jeux Windows O43 - CFD: 2013-08-13 - 02:42:39 - [0,002] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outils Spécial XP³ O43 - CFD: 2013-08-13 - 02:43:22 - [0,001] ----D C:\Documents and Settings\Administrateur\Menu 
Démarrer\Programmes\Vista Rainbar ~ Program Folder: 141 Legitimates Filtered in 00mn 10s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
-- C:\WINDOWS\system32\Drivers\JCAECI.sys [38944] O44 - LFC:[MD5.C072F3ED180048C22AC35C536343109D] - 2013-08-15 - 11:16:35 ---A- . (.JCAE - Jcae04_USBw32.) -- C:\WINDOWS\system32\Drivers\Jcae04_USBw32.sys [38944] O44 - LFC:[MD5.19D47B9C4D3B80BD7C73396E18E7BA2E] - 2013-08-15 - 11:16:35 ---A- . (.Johnson Controls - Chargement du firmware Cypress.) -- C:\WINDOWS\system32\Drivers\JCAECan.sys [22856] O44 - LFC:[MD5.9D73C0A487CE1B41D7A64473E08DF68C] - 2013-08-15 - 11:16:35 ---A- . (.Johnson Controls - Chargement du firmware Cypress.) -- C:\WINDOWS\system32\Drivers\JCAEIso.sys [22856] O44 - LFC:[MD5.A6A9536CA7A8CF3008A93BFF3D3C4786] - 2013-08-15 - 11:16:35 ---A- . (.Johnson Controls Automotive Electronics - Driver kernel USB pour DiagBox 98/2000.) -- C:\WINDOWS\system32\Drivers\DbDrv.sys [40808] O44 - LFC:[MD5.2D473FE9B69E54D6BE6363E885F7AE58] - 2013-08-15 - 11:16:35 ---A- . (.Pas de propriétaire - Generic USB driver.) -- C:\WINDOWS\system32\Drivers\STTub203.sys [48312] O44 - LFC:[MD5.FE7A9B34768C4AD07DC4472330E796CE] - 2013-08-15 - 11:16:35 ---A- . (.Your Corporation - Description string for SondeAirbagUSB drive.) -- C:\WINDOWS\system32\Drivers\SondeAirbagUSB.sys [39928] O44 - LFC:[MD5.868C3A51DE58FB0E5272A7B40B6C575C] - 2013-08-15 - 11:16:54 ---A- . (...) -- C:\WINDOWS\system32\ODBCINST.HLP [17412] O44 - LFC:[MD5.2058E0751F82CA56F28F2EA052070D5E] - 2013-08-15 - 11:16:54 ---A- . (...) -- C:\WINDOWS\system32\ODBCJET.HLP [113064] O44 - LFC:[MD5.7467F213C65373609EB9D5E45D92B7C2] - 2013-08-15 - 11:16:54 ---A- . (...) -- C:\WINDOWS\system32\ODBCJTNW.HLP [83833] O44 - LFC:[MD5.6AFD01CFDB7C124B296154D4D8F8D193] - 2013-08-15 - 11:16:54 ---A- . (...) -- C:\WINDOWS\system32\STDOLE.TLB [4304] O44 - LFC:[MD5.004107CA54F8B744752E954303821D60] - 2013-08-15 - 13:56:29 ---A- . (...) -- C:\WINDOWS\system32\OLE2.REG [27026] O44 - LFC:[MD5.079EE82869021245A6B0ACA7B5D3F9D2] - 2013-08-15 - 13:56:51 ---A- . (...) 
-- C:\WINDOWS\system32\BC30RTL.DLL [143802] O44 - LFC:[MD5.2EEB211CFE257D18835BBD4C09217996] - 2013-08-15 - 13:56:51 ---A- . (...) -- C:\WINDOWS\system32\DIBAPI.DLL [23632] O44 - LFC:[MD5.991E25230BF55C81EB262D812C1C047B] - 2013-08-15 - 13:56:51 ---A- . (...) -- C:\WINDOWS\system32\OWL31.DLL [154240] O44 - LFC:[MD5.C71F356A7DEB5A06B653B2E37FDBAD9A] - 2013-08-15 - 13:56:51 ---A- . (...) -- C:\WINDOWS\system32\PXENGWIN.DLL [241853] O44 - LFC:[MD5.F98DD2CC0B6A36D442F1CBBFA89D72B0] - 2013-08-15 - 13:56:51 ---A- . (...) -- C:\WINDOWS\system32\TCLASS31.DLL [68444] O44 - LFC:[MD5.FADF52A1CE266297A9B0E2771AFF8E9E] - 2013-08-15 - 21:15:27 ---A- . (...) -- C:\WINDOWS\Asde.ini [4676] O44 - LFC:[MD5.2D5670C3FD74F1A7D8D29BC258761F61] - 2013-08-15 - 21:15:27 ---A- . (...) -- C:\WINDOWS\OPTIMA.INI [253] O44 - LFC:[MD5.61EFCDD9EE12D158359C34B4017D76B9] - 2013-08-15 - 21:15:27 ---A- . (...) -- C:\WINDOWS\Restrict.ini [1327] O44 - LFC:[MD5.F08C71F6F2B3B7BA774243FDE840CC25] - 2013-08-15 - 21:15:27 ---A- . (...) -- C:\WINDOWS\Restrict_Dacia.ini [319] O44 - LFC:[MD5.E1F798689A753200008156447C53109E] - 2013-08-15 - 21:15:27 ---A- . (...) -- C:\WINDOWS\Restrict_Renault.ini [2203] O44 - LFC:[MD5.71B3DB3605A0F55C674E646D7C749DC9] - 2013-08-15 - 21:22:41 ---A- . (...) -- C:\EngineeringData.zip [2723] O44 - LFC:[MD5.4025C7BD31733AD9BF0F0336912BB2ED] - 2013-08-16 - 19:02:16 ---A- . (...) -- C:\WINDOWS\system32\pid.PNF [4444] O44 - LFC:[MD5.683C4067E949DDB7415939B3F536ED92] - 2013-08-16 - 19:02:39 ---A- . (...) -- C:\WINDOWS\setuplog.txt [18980] O44 - LFC:[MD5.AD14B32DC70C3CD5D10E22E16F6C1639] - 2013-08-16 - 19:12:31 ---A- . (...) -- C:\PlatformUpdate.txt [3310] O44 - LFC:[MD5.5CC3963B45C6A70F9DEC4371A83A9CCF] - 2013-08-16 - 19:12:44 ---A- . (...) -- C:\WINDOWS\Dgipsvr.ini [282] O44 - LFC:[MD5.2A0B713B00A23C10C049A70E8562B7B0] - 2013-08-16 - 19:12:45 ---A- . (...) -- C:\WINDOWS\ODBC.INI [242] O44 - LFC:[MD5.6A83789FD0BBDED5C15F8B75946E88E1] - 2013-08-16 - 19:12:45 ---A- . (...) 
-- C:\WINDOWS\ODBCINST.INI [4445] O44 - LFC:[MD5.BC67315F2F1DBD0B010B8AC22BAE654C] - 2013-08-16 - 19:12:45 ---A- . (...) -- C:\WINDOWS\OdbcDdp.INI [44] O44 - LFC:[MD5.06A1182AF4A4D1426F478C8DF6852232] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\5800hard.ini [286] O44 - LFC:[MD5.DE6992996365FF0804E24322D478D906] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\Asde_Dacia.ini [4709] O44 - LFC:[MD5.26C67A43C3333F93DE951595AEE8FFAF] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\Asde_InjX70P3.ini [4700] O44 - LFC:[MD5.5C6662B5438234F9158414D3D236424D] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\Asde_InjX83P2.ini [4700] O44 - LFC:[MD5.CB2BE853ACA2A28BF9467656585FFD7F] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\Asde_Renault.ini [4676] O44 - LFC:[MD5.8D8F691CE985220B61D0314C1C9C472B] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\Asde_SusX70p3.ini [4700] O44 - LFC:[MD5.29851F1DE4E055C64F3FC09275935FF1] - 2013-08-16 - 19:13:25 ---A- . (...) -- C:\WINDOWS\Versions.ini [129] O44 - LFC:[MD5.87C1B57696CFE6C415AC7CB3FF552326] - 2013-08-16 - 19:15:44 ---A- . (...) -- C:\WINDOWS\prmrnet.xml [214] O44 - LFC:[MD5.D3977EC7D571BD4432463EA22F27BCAA] - 2013-08-16 - 19:23:44 ---A- . (...) -- C:\WINDOWS\NTSE.ini [128] O44 - LFC:[MD5.1E36F9D4C6AE8050F466989DF8D9FC26] - 2013-08-16 - 19:23:49 ---A- . (...) -- C:\ClipBatch.txt [9124] O44 - LFC:[MD5.312E8398E30E26BF9E5E7D9B39C342F8] - 2013-08-16 - 19:27:20 ---A- . (...) -- C:\Clip.txt [3245] O44 - LFC:[MD5.13958A174CB9D1B8FF8458E7B5FC81BE] - 2013-08-16 - 19:27:20 ---A- . (...) -- C:\Clip_err.txt [506569] O44 - LFC:[MD5.46C8F91E4804ED9D7493F2C0DC688B03] - 2013-08-16 - 19:27:20 ---A- . (...) -- C:\Trace.ini [141] O44 - LFC:[MD5.7344FC49C421B4B3C9EB94288AD7513B] - 2013-08-16 - 22:10:55 ---A- . (...) -- C:\WINDOWS\faultykeyboard.log [94] O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 2013-08-17 - 08:40:38 ---A- . (...) 
-- C:\WINDOWS\MBR.exe [208896]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 2013-08-17 - 08:40:38 ---A- . (...) -- C:\WINDOWS\PEV.exe [256000]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 2013-08-17 - 08:40:38 ---A- . (...) -- C:\WINDOWS\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 2013-08-17 - 08:40:38 ---A- . (...) -- C:\WINDOWS\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 2013-08-17 - 08:40:38 ---A- . (...) -- C:\WINDOWS\zip.exe [68096]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 2013-08-17 - 08:45:42 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.6FC03FF9C4BBAC74190DF65A44A24D57] - 2013-08-17 - 08:46:57 ---A- . (...) -- C:\ComboFix.txt [17797]
O44 - LFC:[MD5.B625AB932C2E2817FB218F86AC2F8152] - 2013-08-17 - 09:03:00 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.92C2FB39F1BC7F4E629268B15F428384] - 2013-08-17 - 09:03:01 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157]
~ Files: 530 Legitimates Filtered in 00mn 47s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.9EFE1A6F567F79BAA888D22D00D1DB32] - 2013-08-16 - 19:06:56 ---A- - C:\WINDOWS\Prefetch\NETWORKADAPTERVERSIONAPP.EXE-27E31ED2.pf
O45 - LFCP:[MD5.F0D9FED38A2CCA76B378FA3C73698959] - 2013-08-16 - 19:06:57 ---A- - C:\WINDOWS\Prefetch\PSASSID.EXE-24015089.pf
O45 - LFCP:[MD5.A5AD6E8AB3CCAC02FAA3629E40172056] - 2013-08-16 - 19:12:15 ---A- - C:\WINDOWS\Prefetch\ROBOCOPY.EXE-212FF9E2.pf
O45 - LFCP:[MD5.1B1D5C14B224CC9AB359A84938ACFC8C] - 2013-08-16 - 19:12:29 ---A- - C:\WINDOWS\Prefetch\VS90_PIAREDIST.EXE-07BBF739.pf
O45 - LFCP:[MD5.96CA319BF1CBC6B0682FD4EC906D7177] - 2013-08-16 - 19:12:30 ---A- - C:\WINDOWS\Prefetch\GETOSLANGUAGE.EXE-0B6A551F.pf
O45 - LFCP:[MD5.50C6C32189214EF02003C8F7EF129015] - 2013-08-16 - 19:23:40 ---A- - C:\WINDOWS\Prefetch\VIDEO_ASSISTANCE.EXE-10D869DE.pf
O45 - LFCP:[MD5.1CC7340F53D932774EC83914EE97E1BC] - 2013-08-16 - 19:23:43 ---A- - C:\WINDOWS\Prefetch\FILE_TRC.EXE-278699EF.pf
O45 - LFCP:[MD5.838E1A8890299B90A095EE30109179C3] - 2013-08-16 - 19:23:44 ---A- - C:\WINDOWS\Prefetch\UPDATEVISUCONF.EXE-2A47566E.pf
O45 - LFCP:[MD5.68B7E83EFF396791648EF1D28044AA84] - 2013-08-16 - 19:26:44 ---A- - C:\WINDOWS\Prefetch\ACCELEROMETERST.EXE-1D2F4856.pf
O45 - LFCP:[MD5.39D0DEBC2D5A1A6D2B310857C4CB5D44] - 2013-08-16 - 19:26:44 ---A- - C:\WINDOWS\Prefetch\DGIPSVR.EXE-099B5725.pf
O45 - LFCP:[MD5.35D218849C59E549FFBC376501E242BC] - 2013-08-16 - 19:26:44 ---A- - C:\WINDOWS\Prefetch\J9W.EXE-191AEA58.pf
O45 - LFCP:[MD5.0C4396DBD1CD60C9A19EC1E98669FA3F] - 2013-08-16 - 19:26:44 ---A- - C:\WINDOWS\Prefetch\PSASTART.EXE-04BF3EF3.pf
O45 - LFCP:[MD5.5124DC1475AA80F61018B6DA0A01B1B0] - 2013-08-16 - 19:26:44 ---A- - C:\WINDOWS\Prefetch\SIM.EXE-2100C4E3.pf
O45 - LFCP:[MD5.745607650D5DC9B01E81E93DF0355DDC] - 2013-08-16 - 19:28:21 ---A- - C:\WINDOWS\Prefetch\RSRWIN.EXE-19E097FC.pf
O45 - LFCP:[MD5.94FDD08E5AC6F6C5395473FFFC4DBF7D] - 2013-08-16 - 19:31:48 ---A- - C:\WINDOWS\Prefetch\PARTIALTRACE.EXE-31187EF0.pf
O45 - LFCP:[MD5.B33687EBF9588B32492216E4DD2956AF] - 2013-08-16 - 19:31:51 ---A- - C:\WINDOWS\Prefetch\DIAGNOSTIC.EXE-186A1EE1.pf
O45 - LFCP:[MD5.53B3AD03F06C0B552F739C3DC3D1A27F] - 2013-08-16 - 19:31:53 ---A- - C:\WINDOWS\Prefetch\LCTPOLUX.EXE-2F518644.pf
O45 - LFCP:[MD5.0942867914B9E0DA5019827F1FE4767F] - 2013-08-16 - 19:31:56 ---A- - C:\WINDOWS\Prefetch\AWACSSERVER.EXE-0B868522.pf
O45 - LFCP:[MD5.E8B1A8C8F269E5D161B3EF163764D095] - 2013-08-16 - 19:31:56 ---A- - C:\WINDOWS\Prefetch\AWFINTERPRETER_VC80.EXE-3A0D1A4A.pf
O45 - LFCP:[MD5.4B2E31384257F33A9AFFD58B3C650ABC] - 2013-08-16 - 19:31:56 ---A- - C:\WINDOWS\Prefetch\AWRSRV.EXE-28992E8F.pf
O45 - LFCP:[MD5.B913431171EDB5645A870011D2E0A6F7] - 2013-08-16 - 19:31:57 ---A- - C:\WINDOWS\Prefetch\MCCOMM.EXE-0BAE4754.pf
O45 - LFCP:[MD5.B6AD13EF30758088342C9083ED323DBA] - 2013-08-16 - 19:31:57 ---A- - C:\WINDOWS\Prefetch\WSTRANSFORMER.EXE-20B3602F.pf
O45 - LFCP:[MD5.35AEAF036590797ECDF9DB071ECC446D] - 2013-08-16 - 19:43:06 ---A- - C:\WINDOWS\Prefetch\DCCFSMRUNNER.EXE-182E939E.pf
O45 - LFCP:[MD5.13FE84E854C269AB9FCD90743E70888B] - 2013-08-16 - 19:43:06 ---A- - C:\WINDOWS\Prefetch\PSALANCE.EXE-1B4FE482.pf
O45 - LFCP:[MD5.399A18D49C30191A3E33B2837BA1EABC] - 2013-08-16 - 19:43:13 ---A- - C:\WINDOWS\Prefetch\DDCECUREADER.EXE-15527B93.pf
O45 - LFCP:[MD5.D03DFD804A2FA2A55A0C0C437C744430] - 2013-08-16 - 21:37:44 ---A- - C:\WINDOWS\Prefetch\CLIPLAUNCHER_X91.EXE-11D03B97.pf
O45 - LFCP:[MD5.06EBA498DD6D5CB21FFB896124D46EF0] - 2013-08-17 - 08:25:44 ---A- - C:\WINDOWS\Prefetch\DOWNLOADACC.EXE-3322A66A.pf
O45 - LFCP:[MD5.3DE48895EC3796BDFC5D844BFF26ABA0] - 2013-08-17 - 08:25:45 ---A- - C:\WINDOWS\Prefetch\BI.EXE-08ED278A.pf
O45 - LFCP:[MD5.F167E38DBDD60FF3C490A9B160884BDD] - 2013-08-17 - 08:25:47 ---A- - C:\WINDOWS\Prefetch\PROXYINSTALLER.EXE-09A2A1EC.pf
O45 - LFCP:[MD5.E7B17D0FDD0AC35D8362308CB792961E] - 2013-08-17 - 08:38:51 ---A- - C:\WINDOWS\Prefetch\NSFB.TMP-1A040626.pf
O45 - LFCP:[MD5.9686853669E719E2E9F0E7411536E814] - 2013-08-17 - 08:39:34 ---A- - C:\WINDOWS\Prefetch\NSFF.TMP-263D2CB5.pf
O45 - LFCP:[MD5.01FCDF45B0A29A6E8267BCEDFF8288F3] - 2013-08-17 - 08:40:10 ---A- - C:\WINDOWS\Prefetch\NS103.TMP-0A2E0664.pf
O45 - LFCP:[MD5.C0B6AA41B591D31FB703474B812B52AE] - 2013-08-17 - 08:40:20 ---A- - C:\WINDOWS\Prefetch\NS107.TMP-34343DE6.pf
O45 - LFCP:[MD5.0C398AD256B56040968F82BA47A2F38A] - 2013-08-17 - 08:40:25 ---A- - C:\WINDOWS\Prefetch\SETPATH.3XE-02967B08.pf
O45 - LFCP:[MD5.7D3C8DBFCB09E62A3BCD51ACFE4AA500] - 2013-08-17 - 08:40:27 ---A- - C:\WINDOWS\Prefetch\NS108.TMP-1ACA9FCC.pf
O45 - LFCP:[MD5.CCEA0F000F5371F31BFFD0BFC514E11C] - 2013-08-17 - 09:03:47 ---A- - C:\WINDOWS\Prefetch\CERTMGR.EXE-316906BC.pf
O45 - LFCP:[MD5.DFC3B99AB7BFB41FDF24B002900A3F7A] - 2013-08-17 - 09:03:47 ---A- - C:\WINDOWS\Prefetch\DCCLOGCLEANER.EXE-2AB10103.pf
O45 - LFCP:[MD5.8D34D0B39DEE44E46F40401C779328B4] - 2013-08-17 - 09:03:47 ---A- - C:\WINDOWS\Prefetch\DCCRUNPLUGINSERVICE.EXE-184FCC87.pf
O45 - LFCP:[MD5.E8EF93485EE53B4D27B32DA4439FBD8E] - 2013-08-17 - 09:03:47 ---A- - C:\WINDOWS\Prefetch\FBSERVER.EXE-10C8F846.pf
O45 - LFCP:[MD5.32DFD62DDA07913993092706166CBEE8] - 2013-08-17 - 09:03:47 ---A- - C:\WINDOWS\Prefetch\PSAREFRESHPPO.EXE-0574E9E2.pf
O45 - LFCP:[MD5.FED9B9AA4C2514496018F24094B6100A] - 2013-08-17 - 09:03:47 ---A- - C:\WINDOWS\Prefetch\PSAREFRESHREDWIREDDC.EXE-24633998.pf
O45 - LFCP:[MD5.B8BFBEC0357486B497E5FBA1770685F6] - 2013-08-17 - 09:03:48 ---A- - C:\WINDOWS\Prefetch\PSASINGLESIGNONDAEMON.EXE-13B63ED0.pf
O45 - LFCP:[MD5.0C897E5ECE0B3D3D4599F2C7C32631BF] - 2013-08-17 - 09:03:53 ---A- - C:\WINDOWS\Prefetch\HTTPD_DDC.EXE-20997644.pf
O45 - LFCP:[MD5.F362B3424825F21C6CA5393769F00F8D] - 2013-08-17 - 09:05:43 ---A- - C:\WINDOWS\Prefetch\PSASENDEMAILDIAG.EXE-1B217CAB.pf
~ Prefetcher: 130 Legitimates Filtered in 00mn 02s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - ShellExecuteHook antimalware di Microsoft - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll
O46 - SEH:ShellExecuteHooks - (no name) - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\PROGRA~1\WIFD1F~1\MpShHook.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s

---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ediagStart [Key] . (...) -- C:\APP\ediag\eDiagStart.lnk
O53 - SMSR:HKLM\...\startupreg\psastart [Key] . (...) -- C:\APP\ddc\bin\psastart.exe
~ SMSR Keys: 8 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=1
~ MWPE Keys: 9 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.A0BAABB7D3549460E3F8C5AD6F778683] - 2008-05-23 - 18:50:16 ---A- . (.Hewlett-Packard Corporation - HP Accelerometer - SATA/RAID.) -- C:\WINDOWS\system32\Drivers\Accelerometer.sys [28592]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 2001-08-28 - 14:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 2013-08-14 - 16:25:11 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\bookmarkbackups\bookmarks-2013-08-14.json [3199]
O61 - LFC: 2013-08-14 - 17:30:04 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\xpti.dat [100542]
O61 - LFC: 2013-08-14 - 17:30:05 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\compreg.dat [138840]
O61 - LFC: 2013-08-14 - 17:30:05 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\prefs.js [367]
O61 - LFC: 2013-08-14 - 17:30:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\localstore.rdf [169]
O61 - LFC: 2013-08-14 - 17:30:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\permissions.sqlite [2048]
O61 - LFC: 2013-08-14 - 17:30:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\places.sqlite [135168]
O61 - LFC:
2013-08-14 - 17:30:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\places.sqlite-journal [0] O61 - LFC: 2013-08-14 - 17:42:01 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\compreg.dat [138840] O61 - LFC: 2013-08-14 - 17:42:01 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\prefs.js [367] O61 - LFC: 2013-08-14 - 17:42:01 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\xpti.dat [100542] O61 - LFC: 2013-08-14 - 17:42:02 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\localstore.rdf [169] O61 - LFC: 2013-08-14 - 17:42:02 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\permissions.sqlite [2048] O61 - LFC: 2013-08-14 - 17:42:02 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\places.sqlite [135168] O61 - LFC: 2013-08-14 - 17:42:02 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\places.sqlite-journal [0] O61 - LFC: 2013-08-14 - 17:43:01 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\formhistory.sqlite [196608] O61 - LFC: 2013-08-14 - 17:43:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\_CACHE_CLEAN_ [1] O61 - LFC: 2013-08-14 - 17:57:43 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\xpti.dat [100542] O61 - LFC: 2013-08-14 - 17:57:44 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\compreg.dat [138840] O61 - LFC: 2013-08-14 - 17:57:44 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\permissions.sqlite [2048] O61 - LFC: 2013-08-14 - 17:57:44 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\prefs.js [367] O61 - LFC: 2013-08-14 - 17:57:45 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\localstore.rdf [169] O61 - LFC: 2013-08-14 - 17:57:45 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\places.sqlite [135168] O61 - LFC: 2013-08-14 - 17:57:45 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\places.sqlite-journal [0] O61 - LFC: 2013-08-14 - 18:15:50 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Internet Explorer\tabiconcache.dat [7244] O61 - LFC: 2013-08-14 - 20:15:13 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [824302] O61 - LFC: 2013-08-14 - 22:04:42 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.3.4.3\Profiles\a137olu2.default\XPC.mfl [447208] O61 - LFC: 2013-08-14 - 22:04:53 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.3.4.3\Profiles\a137olu2.default\pluginreg.dat [10325] O61 - LFC: 2013-08-14 - 22:40:21 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\XPC.mfl [488344] O61 - LFC: 2013-08-14 - 22:52:30 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.2.0\Profiles\745lhxey.default\pluginreg.dat [10325] O61 - LFC: 
2013-08-14 - 23:06:47 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\bookmarkbackups\bookmarks-2013-08-15.json [3974] O61 - LFC: 2013-08-14 - 23:12:35 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\XPC.mfl [488344] O61 - LFC: 2013-08-14 - 23:14:21 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.4.0\Profiles\94zh88xm.default\pluginreg.dat [10325] O61 - LFC: 2013-08-14 - 23:48:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\xpti.dat [100805] O61 - LFC: 2013-08-14 - 23:48:26 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\compreg.dat [139001] O61 - LFC: 2013-08-14 - 23:48:26 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\prefs.js [367] O61 - LFC: 2013-08-14 - 23:48:27 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\permissions.sqlite [2048] O61 - LFC: 2013-08-14 - 23:48:27 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\XPC.mfl [1489418] O61 - LFC: 2013-08-14 - 23:48:28 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\localstore.rdf [169] O61 - LFC: 2013-08-14 - 23:48:28 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\places.sqlite [135168] O61 - LFC: 2013-08-14 - 23:48:28 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\places.sqlite-journal [0] O61 - LFC: 2013-08-15 - 06:31:02 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Actia\diagnostic2.4.5.0\Profiles\s9g5er4i.default\pluginreg.dat [10325] O61 - LFC: 2013-08-15 - 06:42:58 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\.metadata [0] O61 - LFC: 2013-08-15 - 06:44:05 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\1 [131072] O61 - LFC: 2013-08-15 - 06:44:05 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\2 [262144] O61 - LFC: 2013-08-15 - 06:44:05 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\3 [393216] O61 - LFC: 2013-08-15 - 06:44:05 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\4 [524288] O61 - LFC: 2013-08-15 - 06:44:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\5 [655360] O61 - LFC: 2013-08-15 - 06:44:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\6 [786432] O61 - LFC: 2013-08-15 - 06:44:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\7 [917504] O61 - LFC: 2013-08-15 - 06:44:06 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\8 [1048576] O61 - LFC: 2013-08-15 - 06:44:06 ---A- C:\Documents and 
Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\9 [1048576] O61 - LFC: 2013-08-15 - 06:44:07 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\10 [1048576] O61 - LFC: 2013-08-15 - 06:44:07 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\11 [1048576] O61 - LFC: 2013-08-15 - 06:44:07 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\12 [1048576] O61 - LFC: 2013-08-15 - 06:44:07 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\13 [1048576] O61 - LFC: 2013-08-15 - 06:44:08 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\14 [1048576] O61 - LFC: 2013-08-15 - 06:44:08 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\15 [1048576] O61 - LFC: 2013-08-15 - 06:44:08 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\16 [1048576] O61 - LFC: 2013-08-15 - 06:44:08 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\17 [1048576] O61 - LFC: 2013-08-15 - 06:44:09 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\18 [1048576] O61 - LFC: 2013-08-15 - 06:44:09 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\19 [1048576] O61 - LFC: 2013-08-15 - 06:44:09 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\20 [1048576] O61 - LFC: 2013-08-15 - 06:44:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\21 [1048576] O61 - LFC: 2013-08-15 - 06:44:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\22 [1048576] O61 - LFC: 2013-08-15 - 06:44:11 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\23 [1048576] O61 - LFC: 2013-08-15 - 06:44:11 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\24 [1048576] O61 - LFC: 2013-08-15 - 06:44:12 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\25 [1048576] O61 - LFC: 2013-08-15 - 06:44:13 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\26 [1048576] O61 - LFC: 2013-08-15 - 06:44:13 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\27 [1048576] 
O61 - LFC: 2013-08-15 - 06:44:14 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\28 [1048576] O61 - LFC: 2013-08-15 - 06:44:14 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\29 [1048576] O61 - LFC: 2013-08-15 - 06:44:15 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\30 [1048576] O61 - LFC: 2013-08-15 - 06:44:16 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\31 [1048576] O61 - LFC: 2013-08-15 - 06:44:16 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\32 [1048576] O61 - LFC: 2013-08-15 - 06:44:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\33 [1048576] O61 - LFC: 2013-08-15 - 06:44:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\34 [1048576] O61 - LFC: 2013-08-15 - 06:44:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\35 [1048576] O61 - LFC: 2013-08-15 - 06:44:18 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\36 [1048576] O61 - LFC: 2013-08-15 - 06:44:20 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\37 [1048576] O61 - LFC: 2013-08-15 - 06:44:20 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\38 [1048576] O61 - LFC: 2013-08-15 - 06:44:21 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\39 [1048576] O61 - LFC: 2013-08-15 - 06:44:21 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\40 [1048576] O61 - LFC: 2013-08-15 - 06:44:21 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\41 [1048576] O61 - LFC: 2013-08-15 - 06:44:21 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\42 [1048576] O61 - LFC: 2013-08-15 - 06:44:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\43 [1048576] O61 - LFC: 2013-08-15 - 06:44:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\44 [1048576] O61 - LFC: 2013-08-15 - 06:44:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\45 [1048576] O61 - LFC: 2013-08-15 - 06:44:24 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\46 [1048576] 
O61 - LFC: 2013-08-15 - 06:44:25 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\47 [1048576] O61 - LFC: 2013-08-15 - 06:44:26 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\48 [1048576] O61 - LFC: 2013-08-15 - 06:44:26 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\49 [1048576] O61 - LFC: 2013-08-15 - 06:44:26 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\50 [1048576] O61 - LFC: 2013-08-15 - 06:44:27 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\51 [1048576] O61 - LFC: 2013-08-15 - 06:44:27 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\52 [1048576] O61 - LFC: 2013-08-15 - 06:44:28 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\53 [1048576] O61 - LFC: 2013-08-15 - 06:44:28 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\indexedDB\https+++mega.co.nz\idb\10543987361632726757435\54 [664521] O61 - LFC: 2013-08-15 - 06:56:10 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\XPC.mfl [488344] O61 - LFC: 2013-08-15 - 06:57:46 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Actia\diagnostic2.4.7.0\Profiles\odlf9im0.default\pluginreg.dat [10325] O61 - LFC: 2013-08-15 - 07:13:21 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\xpti.dat [100805] O61 - LFC: 2013-08-15 - 07:13:22 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\compreg.dat [139001] O61 - LFC: 2013-08-15 - 07:13:22 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\permissions.sqlite [2048] O61 - LFC: 2013-08-15 - 07:13:22 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\prefs.js [367] O61 - LFC: 2013-08-15 - 07:13:22 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\XPC.mfl [1489418] O61 - LFC: 2013-08-15 - 07:13:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\localstore.rdf [169] O61 - LFC: 2013-08-15 - 07:13:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\places.sqlite [135168] O61 - LFC: 2013-08-15 - 07:13:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\places.sqlite-journal [0] O61 - LFC: 2013-08-15 - 07:13:48 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.5.0.0\Profiles\wt33ud1x.default\pluginreg.dat [10324] O61 - LFC: 2013-08-15 - 07:22:38 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\xpti.dat [100805] O61 - LFC: 2013-08-15 - 07:22:40 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\compreg.dat [139001] O61 - LFC: 2013-08-15 - 07:22:41 ---A- C:\Documents and 
Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\permissions.sqlite [2048] O61 - LFC: 2013-08-15 - 07:22:41 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\prefs.js [367] O61 - LFC: 2013-08-15 - 07:22:41 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\XPC.mfl [1489418] O61 - LFC: 2013-08-15 - 07:22:42 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\localstore.rdf [169] O61 - LFC: 2013-08-15 - 07:22:42 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\places.sqlite [135168] O61 - LFC: 2013-08-15 - 07:22:42 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\places.sqlite-journal [0] O61 - LFC: 2013-08-15 - 12:49:50 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\content-prefs.sqlite [229376] O61 - LFC: 2013-08-15 - 12:52:40 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\DTLite.lnk [655] O61 - LFC: 2013-08-15 - 13:24:37 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Revouninstaller.lnk [813] O61 - LFC: 2013-08-15 - 13:33:18 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\CCleaner.lnk [622] =>Piriform Ltd O61 - LFC: 2013-08-15 - 13:40:03 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\mimeTypes.rdf [5711] O61 - LFC: 2013-08-15 - 13:40:05 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\Crack Renault CLIP.zip [433] O61 - LFC: 2013-08-15 - 13:42:33 ---A- C:\Documents and 
Settings\Administrateur\Mes documents\Telechargements\dotnetfx35setup.exe [2959376] O61 - LFC: 2013-08-15 - 14:27:00 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\dotNetFx40_Full_setup.exe [889416] O61 - LFC: 2013-08-15 - 14:49:50 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\dotNetFx45_Full_setup.exe [1005568] O61 - LFC: 2013-08-15 - 17:51:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\install.rdf [929] O61 - LFC: 2013-08-15 - 17:51:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\Setup.exe [21304] O61 - LFC: 2013-08-15 - 17:51:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll [127288] O61 - LFC: 2013-08-15 - 17:51:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll [112952] O61 - LFC: 2013-08-15 - 17:51:10 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll [115512] O61 - LFC: 2013-08-15 - 19:11:33 -S-A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1454471165-602162358-1801674531-500\932a2db58c237abd381d22df4c63a04a_7f958a97-c2a4-4a3b-9096-8e6e5f339b28 [87] O61 - LFC: 2013-08-15 - 19:12:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\First Run [0] O61 - LFC: 2013-08-15 - 19:12:35 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User 
Data\Default\User StyleSheets\Custom.css [0] O61 - LFC: 2013-08-15 - 19:12:38 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data [12288] O61 - LFC: 2013-08-15 - 19:13:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\README [180] O61 - LFC: 2013-08-15 - 19:13:35 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 2013-08-15 - 19:13:35 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOCK [0] O61 - LFC: 2013-08-15 - 19:13:35 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [47] O61 - LFC: 2013-08-15 - 19:13:35 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000002 [50] O61 - LFC: 2013-08-15 - 19:13:57 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [73728] O61 - LFC: 2013-08-15 - 19:14:05 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\Databases.db [7168] O61 - LFC: 2013-08-15 - 19:14:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT [16] O61 - LFC: 2013-08-15 - 19:14:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\000\t\Paths\LOCK [0] O61 - LFC: 2013-08-15 - 19:14:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000002 [50] O61 - LFC: 2013-08-15 - 19:14:07 ---A- C:\Documents and 
Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16] O61 - LFC: 2013-08-15 - 19:14:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\LOCK [0] O61 - LFC: 2013-08-15 - 19:14:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000002 [50] O61 - LFC: 2013-08-15 - 19:15:14 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom [2310196] O61 - LFC: 2013-08-15 - 19:15:14 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [421306] O61 - LFC: 2013-08-15 - 19:15:14 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download [849608] O61 - LFC: 2013-08-15 - 19:15:15 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135124] O61 - LFC: 2013-08-15 - 19:15:15 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist [19680] O61 - LFC: 2013-08-15 - 19:15:15 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist [5940] O61 - LFC: 2013-08-15 - 19:15:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\000\t\Paths\LOG [47] O61 - LFC: 2013-08-15 - 19:15:25 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\LOG [47] O61 - LFC: 2013-08-15 - 19:15:59 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User 
Data\Default\File System\000\t\00\00000000 [195960844] O61 - LFC: 2013-08-15 - 19:16:04 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\000\t\.usage [24] O61 - LFC: 2013-08-15 - 19:16:07 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [13312] O61 - LFC: 2013-08-15 - 19:16:23 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity [820] O61 - LFC: 2013-08-15 - 19:16:36 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 2013-08-15 - 19:19:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Local State [36502] O61 - LFC: 2013-08-15 - 19:19:05 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\chrome_shutdown_ms.txt [5] O61 - LFC: 2013-08-15 - 19:40:47 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [1831] O61 - LFC: 2013-08-15 - 21:00:43 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [10608] O61 - LFC: 2013-08-15 - 21:01:59 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [24576] O61 - LFC: 2013-08-15 - 21:02:00 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [11264] O61 - LFC: 2013-08-15 - 21:02:00 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts [12288] O61 - LFC: 2013-08-15 - 21:02:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\History [94208] O61 - 
LFC: 2013-08-15 - 21:02:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs [14336] O61 - LFC: 2013-08-16 - 16:39:41 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\Autocom Delphi Hardware KeyGen v2013.1.rar [130812] O61 - LFC: 2013-08-16 - 17:08:40 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\adwcleaner.exe [666633] O61 - LFC: 2013-08-16 - 17:15:03 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\bookmarkbackups\bookmarks-2013-08-16.json [166437] O61 - LFC: 2013-08-16 - 17:37:16 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\blocklist.xml [76870] O61 - LFC: 2013-08-16 - 17:40:50 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\WindowsXP-KB2686509-x86-FRA.exe [506112] O61 - LFC: 2013-08-16 - 17:48:08 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\SpyHunter-Installer.exe [726464] =>Crapware.SpyHunter O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk [1501] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk [1539] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk [1525] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk [1519] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk [1487] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu 
Démarrer\Programmes\Accessoires\Invite de commandes.lnk [1555] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk [1519] O61 - LFC: 2013-08-16 - 18:07:59 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk [1599] O61 - LFC: 2013-08-16 - 18:30:05 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\ZHPDiag.txt [53784] O61 - LFC: 2013-08-16 - 18:33:26 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\ZHPFixReport.txt [489] O61 - LFC: 2013-08-16 - 18:36:15 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\MBRCheck_08.16.13_19.36.10.txt [5650] O61 - LFC: 2013-08-16 - 18:46:03 -SHA- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Desktop.htt [2128] O61 - LFC: 2013-08-16 - 19:02:39 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML [10191] O61 - LFC: 2013-08-16 - 19:05:07 -SHA- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\UserData\index.dat [32768] O61 - LFC: 2013-08-16 - 19:05:07 -SHA- C:\Documents and Settings\Administrateur\IECompatCache\index.dat [65536] O61 - LFC: 2013-08-16 - 19:05:07 -SHA- C:\Documents and Settings\Administrateur\PrivacIE\index.dat [98304] O61 - LFC: 2013-08-16 - 19:06:38 ---A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\UserData\DHIBUBX4\oWindowsUpdate[1].xml [28] O61 - LFC: 2013-08-16 - 19:32:23 ---A- C:\Documents and Settings\Administrateur\Application Data\Actia\diagnostic2.7.1.0\Profiles\fwy55prd.default\pluginreg.dat [10575] O61 - LFC: 2013-08-16 - 21:34:31 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\healthreport\state.json [89] O61 - LFC: 2013-08-16 - 21:36:14 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\8c23pt5f.default\healthreport.sqlite [1146880] O61 - LFC: 2013-08-17 - 08:25:38 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\HiJackThis.exe [65369] O61 - LFC: 2013-08-17 - 08:27:12 ---A- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\HiJackThis\HiJackThis.lnk [2002] O61 - LFC: 2013-08-17 - 08:27:12 R--A- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe [388096] O61 - LFC: 2013-08-17 - 08:27:24 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\HiJackThis.lnk [2465] O61 - LFC: 2013-08-17 - 08:27:35 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\bookmarkbackups\bookmarks-2013-08-17.json [166679] O61 - LFC: 2013-08-17 - 08:27:35 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\key3.db [16384] O61 - LFC: 2013-08-17 - 08:27:36 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\places.sqlite [10485760] O61 - LFC: 2013-08-17 - 08:28:24 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\healthreport.sqlite-wal [0] O61 - LFC: 2013-08-17 - 08:35:23 ---A- C:\Documents and Settings\Administrateur\Mes documents\Telechargements\setup.exe [655200] O61 - LFC: 2013-08-17 - 08:40:10 R--A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\ComboFix.exe [5105390] O61 - LFC: 2013-08-17 - 08:40:53 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\cert8.db [131072] O61 - LFC: 2013-08-17 - 08:46:33 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\prefs.js.BAK [9198] O61 - LFC: 2013-08-17 - 08:49:12 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Crash Reports\InstallTime20130814063812 [10] O61 - LFC: 2013-08-17 - 08:49:15 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\addons.sqlite [524288] O61 - LFC: 2013-08-17 - 08:49:15 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\addons.sqlite-journal [295496] O61 - LFC: 2013-08-17 - 08:49:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions.sqlite [524288] O61 - LFC: 2013-08-17 - 08:49:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\extensions.sqlite-journal [361048] O61 - LFC: 2013-08-17 - 08:49:17 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\active-update.xml [57] O61 - LFC: 2013-08-17 - 08:49:17 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates.xml [1547] O61 - LFC: 2013-08-17 - 08:49:18 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\downloads.sqlite [98304] O61 - LFC: 2013-08-17 - 08:49:20 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\search.json [11641] O61 - LFC: 2013-08-17 - 08:50:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\signons.sqlite [327680] O61 - LFC: 2013-08-17 - 08:50:25 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\localstore.rdf [8380] O61 - LFC: 2013-08-17 - 08:57:25 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\sessionstore.bak [1038441] O61 - LFC: 2013-08-17 - 09:01:08 ---A- C:\Documents and Settings\Administrateur\Application 
Data\Mozilla\Firefox\Profiles\8c23pt5f.default\cookies.sqlite-wal [590288] O61 - LFC: 2013-08-17 - 09:01:08 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\permissions.sqlite [1867776] O61 - LFC: 2013-08-17 - 09:01:13 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [32786] O61 - LFC: 2013-08-17 - 09:03:30 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\cookies.sqlite-shm [32768] O61 - LFC: 2013-08-17 - 09:03:30 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\webappsstore.sqlite-shm [32768] O61 - LFC: 2013-08-17 - 09:03:32 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\pluginreg.dat [9586] O61 - LFC: 2013-08-17 - 09:03:46 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\places.sqlite-shm [32768] O61 - LFC: 2013-08-17 - 09:03:48 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\webapps\webapps.json [2] O61 - LFC: 2013-08-17 - 09:03:49 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\places.sqlite-wal [65616] O61 - LFC: 2013-08-17 - 09:03:57 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\urlclassifierkey3.txt [154] O61 - LFC: 2013-08-17 - 09:04:08 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\healthreport.sqlite-shm [32768] O61 - LFC: 2013-08-17 - 09:04:26 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\prefs.js [9492] O61 - LFC: 2013-08-17 - 09:05:01 ---A- C:\Documents and Settings\Administrateur\Local Settings\Application 
Data\Mozilla\Firefox\Profiles\8c23pt5f.default\startupCache\startupCache.4.little [1121096]
O61 - LFC: 2013-08-17 - 09:05:45 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\webappsstore.sqlite [2621440]
O61 - LFC: 2013-08-17 - 09:06:51 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\webappsstore.sqlite-wal [524704]
O61 - LFC: 2013-08-17 - 09:08:21 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\MBRCheck.lnk [673]
O61 - LFC: 2013-08-17 - 09:08:21 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\ZHPDiag.lnk [1523]
O61 - LFC: 2013-08-17 - 09:08:21 ---A- C:\Documents and Settings\Administrateur\Bureau\Pour virus\ZHPFix.lnk [1628]
O61 - LFC: 2013-08-17 - 09:08:40 -SHA- C:\Documents and Settings\Administrateur\IETldCache\index.dat [262144]
O61 - LFC: 2013-08-17 - 09:10:01 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\cookies.sqlite [524288]
O61 - LFC: 2013-08-17 - 09:10:17 ---A- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\8c23pt5f.default\sessionstore.js [1307838]
~ 1 Fichiers temporaires (Temporary files)
~ 7 Fichiers cookies (Cookies files)
~ Files: 615 Legitimates Filtered in 00mn 25s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 2011-08-30 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 2012-11-26 - Pas de propriétaire (FastFreeConverterUpdt) .(...) - LEGACY_FASTFREECONVERTERUPDT
O64 - Services: CurCS - 2008-07-03 - C:\AWRoot\bin\lib\firebird\bin\fbguard.exe (FirebirdGuardianDefaultInstance) .(.The Firebird Project - Firebird SQL Server.) - LEGACY_FIREBIRDGUARDIANDEFAULTINSTANCE
O64 - Services: CurCS - 2011-03-11 - C:\WINDOWS\system32\ftspssrv.exe (ftspssrv) .(.FabulaTech - Serial Port Splitter service.) - LEGACY_FTSPSSRV
O64 - Services: CurCS - 2010-02-18 - C:\WINDOWS\system32\vcsFPService.exe (vcsFPService) .(.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - LEGACY_VCSFPSERVICE
~ Legacy: 134 Legitimates Filtered in 00mn 00s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.exe> [HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 18 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s

---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Documents and Settings\Administrateur\Mes documents\Telechargements\Autocom Delphi Hardware KeyGen v2013.1.rar
C:\Documents and Settings\Administrateur\Mes documents\Telechargements\Autocom Delphi Hardware KeyGen v2013.1.rar
C:\Documents and Settings\Administrateur\Mes documents\Telechargements\Autocom Delphi Hardware KeyGen v2013.1.rar
~ Files: Scanned in 02mn 44s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.021B906B52E2A7DD8BB808355C49702F] [SPRF][2013-08-13] (...) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat [137]
~ Files: Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.8B4D36F145A38E3D1714C6152EB5519C] [WIS][2013-08-12] (.Kaspersky Lab - Kaspersky PURE 3.0.) -- C:\Windows\Installer\493ba2.msi [4077568]
~ WIS: 69 Legitimates Filtered in 00mn 11s

---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 2013-08-13 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 2009-03-27 14336 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe
SR - | Auto 2012-12-21 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 2013-04-11 643072 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 2012-12-20 356968 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
SR - | Auto 2011-08-30 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2010-04-12 365912 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Auto 2012-12-21 819040 | (CSObjectsSrv) . (.Infowatch.) - C:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
SS - | Demand 2008-04-13 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 687104 | (FastFreeConverterUpdt) . (...) - C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe
SR - | Auto 2008-07-03 65536 | (FirebirdGuardianDefaultInstance) . (.The Firebird Project.) - C:\AWRoot\bin\lib\firebird\bin\fbguard.exe
SR - | Demand 2008-07-03 1527893 | (FirebirdServerDefaultInstance) . (.The Firebird Project.) - C:\AWRoot\bin\lib\firebird\bin\fbserver.exe
SR - | Auto 2011-03-11 708608 | (ftspssrv) . (.FabulaTech.) - C:\WINDOWS\system32\ftspssrv.exe
SS - | Auto 2013-08-15 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2013-08-15 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2013-05-31 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 2013-08-13 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - c:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 2009-11-04 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 2013-08-04 1783632 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - | Demand 2013-08-17 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 2010-09-08 254034 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV.exe
SR - | Auto 2009-11-04 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 2010-02-18 1664304 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\WINDOWS\system32\vcsFPService.exe
~ Services: Scanned in 00mn 12s

---\\ Recherche dinfection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s

---\\ Recherche dinfection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 2013-08-17 10:14:12
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 05s

---\\ Scan Additionnel (O88)
Database Version : v2.12855 - (2013-08-15)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
C:\Documents and Settings\Administrateur\Mes documents\Telechargements\SpyHunter-Installer.exe [726464] =>Crapware.SpyHunter^
~ Additionnel Scan: 185316 Items scanned in 00mn 11s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
~ MSI: 1 link(s) detected in 00mn 11s
~ 2132 Legitimates filtered by white list
End of the scan (952 lines in 05mn 02s)(3)