PC infected by

Closed
arolbas - 2 Feb 2009 at 07:49
loloetseb (Posts: 5508, Registered: Sunday 14 December 2008, Status: Member, Last activity: 22 April 2012) - 2 Feb 2009 at 15:18
Hello,
Like quite a few people, it seems, my PC and my laptop are affected by the "Contextual ads by milehighads" syndrome.
Can anyone help me?
Thanks
23 replies

loloetseb (Posts: 5508, Registered: Sunday 14 December 2008, Status: Member, Last activity: 22 April 2012) 174
2 Feb 2009 at 09:35
Hi,

Can you run a HijackThis scan?

Choose "Do a scan and save a log", copy the report (Ctrl+C) and paste it (Ctrl+V) on this page.


http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
0
Thanks to loloetseb for this quick reply.

Below is the result of the scan.

See you later

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
Thanks to loloetseb for this quick reply.

Below is the result of the scan.

See you

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0

Thanks to loloetseb for the quick reply.

Below is the result of the scan.

See you later

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
Thanks to loloetseb for the quick reply.

Below is the result of the scan.

See you later

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
Thanks to loloetseb for the quick reply.

Below is the result of the scan.

See you later

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
Thanks to loloetseb for the quick reply.

Below is the result of the scan.

See you

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-24548733.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADSLTV.EXE-169792DE.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGCMGR.EXE-1D29CBA8.pf -->17/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-11EBE658.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-32FAE179.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-347FCF75.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DR WEB_LAUNCH.EXE-26CBBB5C.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE SUPER BOOSTER.EXE-05AD03E6.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-2A971BEB.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FONTVIEW.EXE-08548073.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATER.EXE-2CAF5929.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUP.EXE-19CD57B1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-101DF2F1.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPP.EXE-093362B0.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMNOTFY.EXE-39B9FFE6.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INCMAIL.EXE-1D49117E.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LAUNCH[1].EXE-0C9C8BF4.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPLAY32.EXE-1B8177AD.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD++.EXE-14917D45.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OBJECTDOCK.EXE-30FAA3E7.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ORPHANSREMOVER.EXE-059094E9.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PHOTOSHOP.EXE-0F636D88.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PICTUREVIEWER.EXE-024E2984.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-0C5BC219.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PRINTSCREEN.EXE-2DC7A8AF.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-138AD419.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-175237C9.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1877DB4F.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19EE998E.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A61D48B.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BB73578.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-24E24351.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-25BC3CCE.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-284D39BC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-28C2BE18.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-297724DB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A94BB85.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B3A803D.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34C7367B.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-372BC29C.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EE46B6.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F96DE54.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3FE79EA5.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4128CA6D.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-453B57A4.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46C99E72.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46FD57D1.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-47352368.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-49A346FD.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B63F790.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C39A487.pf -->30/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-148579FB.pf -->08/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-34E0253A.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2EDB98EC.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOL.EXE-1C0C14EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSTEXT3D.SCR-17B3B9DD.pf -->28/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-264167D5.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->29/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WIAACMGR.EXE-212ED878.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf -->31/01/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-37F6AE09.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->01/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-25BE410C.pf -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_START.EXE-1FA6512F.pf -->01/02/2009

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys


End of the scan:
0
Thanks to loloetseb for the quick reply.

Below is the result of the scan.

See you later

Rapport de ZHPDiag v1.16.5 par Nicolas Coolman
Enregistré le 02/02/2009 07:26:00
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.1)

---\\ Processus lancés
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SearchIndexer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/firefox&client=firefox-a&rls=com.google:fr:official
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {327c4639-dc5f-2765-a5ff-4ffd3fb90bea} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra 'Tools' menuitem: Windows Messenger - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - AppInit_DLLs:C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Recherche Windows (WSearch) - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

---\\ Enumération des composants Active Desktop (O24)
O24 - Desktop Component 0: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Personnalisation du navigateur - {60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file)
O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote d'unité 61883 (61883) - C:\WINDOWS\system32\DRIVERS\61883.sys
O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys
O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS
O41 - Driver: Pilote de processeur AMD HwPState (AmdPPM) - C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys
O41 - Driver: ASAPIW2K (ASAPIW2k) - C:\WINDOWS\system32\drivers\ASAPIW2k.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys
O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys
O41 - Driver: Périphérique AVC (Avc) - C:\WINDOWS\system32\DRIVERS\avc.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: ASUS TV7134 WDM Video Capture (Cap7134) - C:\WINDOWS\system32\DRIVERS\Cap7134.sys
O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: CdaC15BA (CdaC15BA) - C:\WINDOWS\system32\drivers\CDAC15BA.SYS
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\drivers\fltmgr.sys
O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys
O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\drivers\ip6fw.sys
O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Pinnacle Marvin Bus (MarvinBus) - C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys
O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft DV Camera and VCR (MSDV) - C:\WINDOWS\system32\DRIVERS\msdv.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys
O41 - Driver: NUID filter driver (NuidFltr) - C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys
O41 - Driver: PCLEPCI (PCLEPCI) - C:\WINDOWS\system32\drivers\pclepci.sys
O41 - Driver: ASUS WDM TV Tuner (PhTVTune) - C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: Pilote processeur (Processor) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys
O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
O41 - Driver: Pilote de bus de transport/protocole SBP-2 (sbp2port) - C:\WINDOWS\system32\DRIVERS\sbp2port.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys
O41 - Driver: Prolific Serial port driver (Ser2pl) - C:\WINDOWS\system32\DRIVERS\ser2pl.sys
O41 - Driver: Serenum Filter Driver (Serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys
O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys
O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys
O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys
O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys
O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys
O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Pilote de stockage de masse USB (usbstor) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Wdf01000 (Wdf01000) - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: adsl TV
O42 - Logiciel: AIDA32 v3.93
O42 - Logiciel: AlerteGPS G300
O42 - Logiciel: Antidote
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Contextual Tool Milehighads
O42 - Logiciel: dMC 10.1
O42 - Logiciel: eMule
O42 - Logiciel: eMule Super Booster
O42 - Logiciel: Gadwin PrintScreen
O42 - Logiciel: Glary Utilities 2.9.0.518
O42 - Logiciel: Google Desktop
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Pinnacle Hollywood FX
O42 - Logiciel: HP Imaging Device Functions 5.0
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.0
O42 - Logiciel: HP Extended Capabilities 5.0
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: IncrediMail
O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122
O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce
O42 - Logiciel: Windows Desktop Search 3.01
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471)
O42 - Logiciel: K-Lite Mega Codec Pack 3.8.5
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Malwarebytes' RogueRemover
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 3.5
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra
O42 - Logiciel: Mozilla Firefox (3.0.1)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: MSN
O42 - Logiciel: Nero Suite
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: Notepad++
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: ObjectDock
O42 - Logiciel: OrphansRemover version 1.8.9.36
O42 - Logiciel: PC-Bibliothek
O42 - Logiciel: Picasa 2
O42 - Logiciel: SEEm 3.2
O42 - Logiciel: TerraExplorer
O42 - Logiciel: VideoLAN VLC media player 0.8.6f
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
O42 - Logiciel: Windows Imaging Component
O42 - Logiciel: Windows Media Encoder 9 Series
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: Zoom Player (remove only)
O42 - Logiciel: MSXML 6.0 Parser (KB933579)
O42 - Logiciel: Windows Installer Clean Up
O42 - Logiciel: HP Software Update
O42 - Logiciel: Client Windows Rights Management avec Service Pack 2
O42 - Logiciel: Google Earth
O42 - Logiciel: Google Toolbar for Internet Explorer
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 3
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 5
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: OpenOffice.org Installer 1.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: Photorécit 3 pour Windows
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA
O42 - Logiciel: TuneUp Utilities 2008
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra
O42 - Logiciel: PhotoImpression 5
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Bonjour
O42 - Logiciel: QuickTime
O42 - Logiciel: VC_MergeModuleToMSI
O42 - Logiciel: Microsoft Office Professional Edition 2003
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Studio 9
O42 - Logiciel: QuarkXPress 7.0
O42 - Logiciel: Adobe Reader 8.1.3 - Français
O42 - Logiciel: Korean Fonts Support For Adobe Reader 8
O42 - Logiciel: ABBYY FineReader 6.0
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint
O42 - Logiciel: AusLogics Disk Defrag
O42 - Logiciel: HP Photosmart Essential
O42 - Logiciel: ScanToWeb
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: SP2 de compatibilité descendante du client Windows Rights Management
O42 - Logiciel: PL-2303 USB-to-Serial
O42 - Logiciel: VirginMega.Fr Premium
O42 - Logiciel: Adobe Photoshop CS
O42 - Logiciel: Realtek AC'97 Audio
O42 - Logiciel: Composant de Presto! BizCard 4.0 pour Windows CE

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Stardock
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CONFIG.NT -->03/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\cont_milehighads-remove.exe -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->27/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->10/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->13/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NvApps.xml -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvModes.dat -->16/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->22/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\rbap350.dll -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\RBQT350.DLL -->09/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\Thumbs.db -->06/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\TZLog.log -->10/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->29/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->04/01/2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->11/12/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

---\\ ShellExecuteHooks, Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export - "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)


End of the scan:
0
loloetseb Posts 5508 Registration date Sunday 14 December 2008 Status Member Last activity 22 April 2012 174
2 Feb 2009 at 10:20
Download SmitfraudFix (by S!Ri, balltrap34 and moe31)

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Tutorial here

http://www.malekal.com/tutorial_SmitFraudfix.php

- Save it to the desktop
- Double-click SmitfraudFix.exe and choose option 1, then press Enter
- A report will be generated; post it in your next reply.
Note:
Process.exe is detected by some antivirus products as a risktool. It is not a virus but a utility intended to terminate processes.

/!\ Only do step 2 if you are asked to; we must first examine the first SmitfraudFix report /!\
0
After installing and opening SmitFraudFix, I do not have the SmitfraudFix.exe command in the list of files and folders displayed
0
loloetseb Posts 5508 Registration date Sunday 14 December 2008 Status Member Last activity 22 April 2012 174
2 Feb 2009 at 10:40
Delete smitfraud, download it again, and before running it rename it smitfraud-fix
0
I suppose this is the analysis you are waiting for?

SmitFraudFix v2.392

Rapport fait à 10:50:33,14, 02/02/2009
Executé à partir de C:\Documents and Settings\dany\Incomplete\Bureau\smitfraud-Fix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\dany


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\dany\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\dany\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\dany\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Google\googletoolbar1.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg"
"SubscribedURL"="file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg"
"FriendlyName"=""

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg"
"SubscribedURL"="file:///C:/DOCUME~1/dany/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

HKLM\SYSTEM\CCS\Services\Tcpip\..\{FE7B8FD9-2659-490D-A53A-4772D4F7A016}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{FE7B8FD9-2659-490D-A53A-4772D4F7A016}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{FE7B8FD9-2659-490D-A53A-4772D4F7A016}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
loloetseb Posts 5508 Registration date Sunday 14 December 2008 Status Member Last activity 22 April 2012 174
2 Feb 2009 at 11:03
Cleaning:

Restart in safe mode: to do this, restart the computer and, before the Windows logo appears, tap the F8 key.
A menu will appear; choose Safe Mode using the arrow keys on your keyboard, then press the Enter key.

- Launch SmitfraudFix by double-clicking SmitfraudFix.cmd (do not click any other file)
- Choose option 2 and press Enter
- Answer o (Oui, "yes") to the next two questions if they are asked
- A report will be generated; save it in a folder.

Restart in normal mode:
- Start menu
- Shut down
- Restart the computer

Post the whole report that you saved.

Next


Download Malwarebytes' Anti-Malware

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

- On the page, click Download Malwarebytes' Anti-Malware
- Save it to the desktop
- Double-click the downloaded file to start the installation process
- When you are asked to, update Malwarebytes' Anti-Malware
- If the firewall asks for permission for Malwarebytes to connect, accept
- Once the update is finished, close Malwarebytes
- Double-click the Malwarebytes icon to relaunch it
- In the Search tab, probably open by default,
- Select Run a full scan
- Click Search
- The scan starts
- At the end of the analysis, a message is displayed: The scan completed normally. Click 'Show results' to display all the objects found.
- Click OK to continue.
- If malware has been detected, click Show results
- Select everything (or leave it checked) and click Remove selection. Malwarebytes will destroy the files and registry keys and put a copy in quarantine.
- Malwarebytes will open Notepad and copy the scan report into it.
- Go to the report/log tab
- Click on it to display it; once it is displayed
- Click Edit at the top of Notepad, then Select All
- Click Edit again, then Copy, and come back to the forum and into your reply
- Right-click in the reply box and Paste

If you need help, look at this tutorial

https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
0
Unsurprising result of the Malwarebytes scan below.

See you

Malwarebytes' Anti-Malware 1.14
Version de la base de données: 800

12:36:39 02/02/2009
mbam-log-2-2-2009 (12-36-39).txt

Type de recherche: Examen rapide
Eléments examinés: 35610
Temps écoulé: 3 minute(s), 27 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
loloetseb Posts 5508 Registration date Sunday 14 December 2008 Status Member Last activity 22 April 2012 174
2 Feb 2009 at 12:50
Can you post the SmitfraudFix report in mode 2, as well as a new HijackThis report
0
There is news... SmitfraudFix in mode 2 removes my desktop display before startup and completely freezes the PC at the end of the scan, but the scan is carried out, and it is impossible to copy the result since I no longer have either a desktop or a PC.
I have to cut the power and restart the computer... but afterwards it works normally (2 attempts).
See you
0
loloetseb Posts 5508 Registration date Sunday 14 December 2008 Status Member Last activity 22 April 2012 174
2 Feb 2009 at 13:22
OK, if SmitfraudFix worked and you were able to restart, that is the main thing (did you get your desktop back after restarting?)

1) Download Toolbar-S&D (Team IDN) to your Desktop:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirming with the Enter key.
* Now choose option "1", then confirm by pressing "Enter".
! Do not close the window during the removal!
A report will be generated; post its contents here.
0
OK for the ToolbarSD report



-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : dany ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:186 Go (Free:88 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 02/02/2009|13:30 )

-----------\\ Recherche de Fichiers / Dossiers ...

\...\{2bae58c2-79f9-45d1-a286-81f911301c3a} - (p2p_energy)

-----------\\ Extensions

(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

(dany) - {2bae58c2-79f9-45d1-a286-81f911301c3a} => p2p_energy
(dany) - {73a6fe31-595d-460b-a920-fcc0f8843232} => noscript
(dany) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(dany) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\dany\Mon dossier informatique\Domaine Perso\Logiciels … installer\Analyseurs Nettoyeurs d'ordi\Spyware-Doctor\Total Uninstall 4.8.0(NEW-with serial key)\Total Uninstall 4.8.0\Crack
C:\DOCUME~1\dany\Mon dossier informatique\Domaine Perso\Logiciels … installer\Analyseurs Nettoyeurs d'ordi\Spyware-Doctor\Total Uninstall 4.8.0(NEW-with serial key)\Total Uninstall 4.8.0\Crack\Tu.exe



1 - "C:\ToolBar SD\TB_1.txt" - 13/01/2009| 9:41 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 13/01/2009| 9:45 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 15/01/2009|23:15 - Option : [2]
4 - "C:\ToolBar SD\TB_4.txt" - 16/01/2009| 7:45 - Option : [1]
5 - "C:\ToolBar SD\TB_5.txt" - 17/01/2009|13:03 - Option : [2]
6 - "C:\ToolBar SD\TB_6.txt" - 18/01/2009|20:14 - Option : [2]
7 - "C:\ToolBar SD\TB_7.txt" - 26/01/2009|10:56 - Option : [2]
8 - "C:\ToolBar SD\TB_8.txt" - 28/01/2009| 8:50 - Option : [2]
9 - "C:\ToolBar SD\TB_9.txt" - 02/02/2009|13:31 - Option : [1]

-----------\\ Fin du rapport a 13:31:35,68
0