Rapport zhpdiag (infection ?)

lentjus · le 17 mai 2009

Bonjour à tous,

Voici mon rapport

Rapport de ZHPDiag v1.21 par Nicolas Coolman

Enregistré le 17/05/2009 16:16:49

Platform : Microsoft Windows XP (5.1.2600) Service Pack 2

MSIE: Internet Explorer v7.0.5730.11

OPIE: Opera 9.64

MFIE: Mozilla Firefox (3.0.10)

---\\ Processus lancés

C:\PROGRA~1\Sygate\SPF\smc.exe

C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe

C:\WINDOWS\vVX1000.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

Logi_MwX.Exe

C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe

C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe

C:\Temp\firefoxultimateoptimizer11\Firefox Ultimate Optimizer.exe

C:\Program Files\Spamihilator\spamihilator.exe

C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe

C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe

C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\ati2sgag.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\TUProgSt.exe

---\\ Plugin du navigateur Opera (P1)

P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npdsplay.dll

P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\NPSWF32.dll

P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe

P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npwmsdrm.dll

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.pcastuces.com/default.asp

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"

O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe

O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"

O4 - HKLM\..\Run: [FirefoxUltimateOptimizer] "C:\Temp\firefoxultimateoptimizer11\Firefox Ultimate Optimizer.exe"

O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

O4 - HKCU\..\Run: [skinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe

O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKLM\..\policies\Explorer: [LinkResolveIgnoreLinkInfo] Data="0"

O4 - HKLM\..\policies\Explorer: [NoResolveSearch] Data="1"

O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data="67108863"

O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="323"

O4 - HKLM\..\policies\Explorer: [NoDrives] Data="0"

O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data="1"

O4 - HKLM\..\policies\Explorer: [NoCDBurning] Data="0"

O4 - HKLM\..\policies\Explorer: [NoFolderOptions] Data="0"

O4 - Global Startup: Memo 4.05.lnk - C:\Utilitaires\Remember405\Memo.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass

O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms

O8 - Extra context menu item: Remplissage de Formulaire LastPass - file://C:\Program Files\LastPass\context.html?cmd=fillforms

---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)

O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

---\\ Site indésirable dans la Zone de confiance d'Internet Explorer (O15)

O15 - Trusted Zone: *

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - file:///C:/WINDOWS/Java/classes/xmldso.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\Messenger\MSGRAP~1.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: AtiStartupEvent - C:\WINDOWS\System32\Ati2evxx.dll

O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe

O23 - Service: Planificateur Avira AntiVir Premium (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe

O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe

O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE

O23 - Service: (Ati HotKey Poller) - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart (ATI Smart) - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Service d'assistance Avira AntiVir Premium MailGuard (AVEService) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe

O23 - Service: Diskeeper (Diskeeper) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: LexBce Server (LexBceS) - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: MSCamSvc (MSCamSvc) - C:\Program Files\Microsoft LifeCam\MSCamS32.exe

O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: Sygate Personal Firewall (SmcService) - C:\Program Files\Sygate\SPF\smc.exe

O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - C:\WINDOWS\System32\TUProgSt.exe

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE

O40 - ASIC: Viewpoint Media Player - {03F998B2-0E00-11D3-A498-00104B6EB52E} - (not file)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)

O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)

O40 - ASIC: Viewpoint Media Player - {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream.dll

O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll

O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\WINDOWS\system32\Adobe\Director\SwDir.dll

O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)

O40 - ASIC: Adobe Shockwave Director 11.0.3 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)

O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll

O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)

O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)

O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file)

O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)

O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)

O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)

O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)

O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)

O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)

O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)

O40 - ASIC: .NET Framework - {72AD53CC-CCC0-3757-8480-9EE176866A7C} - (not file)

O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser

O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file)

O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)

O40 - ASIC: Fax Provider - {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider

O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)

O40 - ASIC: (no name) - {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - (not file)

O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file)

O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)

O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)

O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)

O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)

O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx

O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys

O41 - Driver: Creative Modem Blaster V.92 DI5733 (AgereSoftModem) - C:\WINDOWS\system32\DRIVERS\AGRSM.sys

O41 - Driver: Service for Realtek AC97 Audio (WDM) (ALCXWDM) - C:\WINDOWS\system32\drivers\ALCXWDM.SYS

O41 - Driver: Pilote de processeur AMD K7 (AmdK7) - C:\WINDOWS\system32\DRIVERS\amdk7.sys

O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys

O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys

O41 - Driver: (no object) (ati2mtag) - C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys

O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys

O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgio.sys

O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgntflt.sys

O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys

O41 - Driver: Belarc SMBios Access (BANTExt) - C:\WINDOWS\System32\Drivers\BANTExt.sys

O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys

O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys

O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys

O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys

O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys

O41 - Driver: DeskSoft Service (dsnpfd) - C:\WINDOWS\system32\DRIVERS\dsnpfd.sys

O41 - Driver: Pilote de la carte EtherLink XL 90XB/C 3Com (EL90XBC) - C:\WINDOWS\system32\DRIVERS\el90xbc5.sys

O41 - Driver: FBAPI (FBAPI) - C:\WINDOWS\system32\drivers\FBAPI.sys

O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys

O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys

O41 - Driver: Pilote de classe HID Microsoft (HidUsb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys

O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys

O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys

O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys

O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys

O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys

O41 - Driver: Logitech PS/2 Mouse Filter Driver (L8042pr2) - C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys

O41 - Driver: Logitech Mouse Class Filter Driver (LMouFlt2) - C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys

O41 - Driver: Périphérique de filtrage de flux Unimodem (MODEMCSA) - C:\WINDOWS\system32\drivers\MODEMCSA.sys

O41 - Driver: MRENDIS5 NDIS Protocol Driver (MRENDIS5) - C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS

O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys

O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys

O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys

O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys

O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys

O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys

O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys

O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys

O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys

O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys

O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys

O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys

O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys

O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

O41 - Driver: Contrôleur hôte compatible IEE 1394 VIA OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys

O41 - Driver: Padus ASPI Shell (pfc) - C:\WINDOWS\system32\drivers\pfc.sys

O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys

O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys

O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys

O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys

O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys

O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys

O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys

O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys

O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys

O41 - Driver: Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver (RTL8023xp) - C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys

O41 - Driver: Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) (rtl8139) - C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys

O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys

O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys

O41 - Driver: Acronis Snapshots Manager (snapman) - C:\WINDOWS\system32\DRIVERS\snapman.sys

O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys

O41 - Driver: (no object) (sptd) - C:\WINDOWS\System32\Drivers\sptd.sys

O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys

O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys

O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys

O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys

O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys

O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys

O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys

O41 - Driver: Teefer for NT (Teefer) - C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys

O41 - Driver: Acronis TrueImage FS Filter (tifsfilter) - C:\WINDOWS\system32\DRIVERS\tifsfilt.sys

O41 - Driver: Acronis TrueImage Backup Archive Explorer (timounter) - C:\WINDOWS\system32\DRIVERS\timntr.sys

O41 - Driver: Filtre AGP version 3.5 Microsoft (uagp35) - C:\WINDOWS\system32\DRIVERS\uagp35.sys

O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys

O41 - Driver: USB Audio Driver (WDM) (usbaudio) - C:\WINDOWS\system32\drivers\usbaudio.sys

O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys

O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys

O41 - Driver: DSC Composite USB Device (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys

O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys

O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys

O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\system32\DRIVERS\usbuhci.sys

O41 - Driver: VIA AGP Filter (viaagp1) - C:\WINDOWS\system32\DRIVERS\viaagp1.sys

O41 - Driver: VX-1000 (VX1000) - C:\WINDOWS\system32\DRIVERS\VX1000.sys

O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys

O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys

O41 - Driver: SyGate for NT, wg3n (wg3n) - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys

O41 - Driver: SyGate for NT, wg4n (wg4n) - C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys

O41 - Driver: SyGate for NT, wg5n (wg5n) - C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys

O41 - Driver: SyGate for NT, wg6n (wg6n) - C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys

O41 - Driver: wpsdrvnt (wpsdrvnt) - C:\WINDOWS\system32\drivers\wpsdrvnt.sys

O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys

O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: 10-Strike SearchMyDiscs

O42 - Logiciel: ABBYY FineReader 5.0 Sprint

O42 - Logiciel: AM-DeadLink 3.3

O42 - Logiciel: ATI - Software Uninstall Utility

O42 - Logiciel: ATI Control Panel

O42 - Logiciel: ATI Display Driver

O42 - Logiciel: Adobe Flash Player 10 ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin

O42 - Logiciel: Adobe Photoshop Album 2.0

O42 - Logiciel: Adobe Shockwave Player 11.5

O42 - Logiciel: Advanced SystemCare 3

O42 - Logiciel: AmiFoot 6.04.02

O42 - Logiciel: ArcSoft PhotoImpression

O42 - Logiciel: Atomic Alarm Clock 5.85

O42 - Logiciel: Avira AntiVir Premium

O42 - Logiciel: BMS Calculatrice Euro 2.6

O42 - Logiciel: Belarc Advisor 7.2

O42 - Logiciel: CCleaner (remove only)

O42 - Logiciel: CDBurnerXP

O42 - Logiciel: CDSlave

O42 - Logiciel: ClickImpôts first step 2009 2009.2.037

O42 - Logiciel: Cloneur Expert

O42 - Logiciel: Cobian Backup 9

O42 - Logiciel: Code de la Route Pratic

O42 - Logiciel: CodeStuff Starter

O42 - Logiciel: CopyRightLeft 0.4 Beta

O42 - Logiciel: Creative Modem Blaster V.92 DI5733

O42 - Logiciel: CréditCalc 2.76

O42 - Logiciel: Diskeeper 2009 Pro Premier

O42 - Logiciel: ERUNT 1.1j

O42 - Logiciel: EnveloppesEditor1.09

O42 - Logiciel: EssentialPIM

O42 - Logiciel: EssentialPIM Pro

O42 - Logiciel: EuroThink Consommation

O42 - Logiciel: Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP

O42 - Logiciel: FastStone Capture 5.3 (French)

O42 - Logiciel: FaxTools

O42 - Logiciel: FenAffiche

O42 - Logiciel: FindyKill

O42 - Logiciel: FotoTagger 2.13.0.1

O42 - Logiciel: Foxit Reader

O42 - Logiciel: FreeMeter

O42 - Logiciel: Glary Utilities 2.12.0.658

O42 - Logiciel: Google Toolbar for Internet Explorer

O42 - Logiciel: Google Update

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

O42 - Logiciel: Image Mender 1.1

O42 - Logiciel: Installation Windows Live

O42 - Logiciel: IsoBuster 2.5

O42 - Logiciel: Java 6 Update 13

O42 - Logiciel: KC Softwares IDPhotoStudio

O42 - Logiciel: KC Softwares SUMo

O42 - Logiciel: LISTAC la version 2.01 du 23/03/04

O42 - Logiciel: LeConjugueur

O42 - Logiciel: Lecteur Windows Media 11

O42 - Logiciel: LedConsommation 4.1.12

O42 - Logiciel: Lexmark 3100 Series

O42 - Logiciel: Logitech MouseWare 9.80

O42 - Logiciel: MEDIADICO pour votre PC

O42 - Logiciel: MSVCRT

O42 - Logiciel: MSXML 6 Service Pack 2 (KB954459)

O42 - Logiciel: MV RegClean 5.9 Français

O42 - Logiciel: Malwarebytes' Anti-Malware

O42 - Logiciel: Messenger Plus! Live

O42 - Logiciel: Microsoft .NET Framework 1.1

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack

O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366)

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA

O42 - Logiciel: Microsoft .NET Framework 3.5

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft Baseline Security Analyzer 2.0.1

O42 - Logiciel: Microsoft Baseline Security Analyzer 2.1

O42 - Logiciel: Microsoft LifeCam

O42 - Logiciel: Microsoft Money

O42 - Logiciel: Microsoft Office 2000 Professional

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2003

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra

O42 - Logiciel: Mon Carnet d'Adresses

O42 - Logiciel: Mozilla Firefox (3.0.10)

O42 - Logiciel: NFO viewer v 2.1

O42 - Logiciel: Opera 9.64

O42 - Logiciel: Outil de téléchargement Windows Live

O42 - Logiciel: POP Peeper

O42 - Logiciel: Picasa 3

O42 - Logiciel: PowerQuest PartitionMagic 8.0

O42 - Logiciel: PowerpointImageExtractor

O42 - Logiciel: PyGrenouille- - 1.13.3.8

O42 - Logiciel: Radio Fr Solo 2.0

O42 - Logiciel: Realtek AC'97 Audio

O42 - Logiciel: Recover Pro

O42 - Logiciel: Remember405

O42 - Logiciel: Revo Uninstaller 1.83

O42 - Logiciel: Secu v3

O42 - Logiciel: Segoe UI

O42 - Logiciel: SetBrowser 1.4

O42 - Logiciel: SnagIt 8

O42 - Logiciel: Spamihilator

O42 - Logiciel: Spybot - Search & Destroy

O42 - Logiciel: Statfoot32

O42 - Logiciel: Suppress plus 1.8

O42 - Logiciel: Sygate Personal Firewall

O42 - Logiciel: Total Uninstall 4.9.5

O42 - Logiciel: TuneUp Utilities 2009

O42 - Logiciel: VLC media player 0.9.9

O42 - Logiciel: VSO Image Resizer 2.1.8.2

O42 - Logiciel: Viewpoint Media Player

O42 - Logiciel: Visionneuse Journal Windows Microsoft

O42 - Logiciel: Visual C++ CRT 8.0

O42 - Logiciel: Visual C++ CRT 9.0

O42 - Logiciel: Visual C++ CRT 9.0 SP1

O42 - Logiciel: WinPatrol 2009

O42 - Logiciel: WinRAR archiver

O42 - Logiciel: Windows Installer Clean Up

O42 - Logiciel: Windows Internet Explorer 7

O42 - Logiciel: Windows Live Communications Platform

O42 - Logiciel: Windows Media Connect

O42 - Logiciel: Windows Media Format 11 runtime

O42 - Logiciel: Windows Media Player Firefox Plugin

O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0

O42 - Logiciel: ZebHelpProcess 2.33.12

O42 - Logiciel: burnatonce

O42 - Logiciel: filehippo.com Update Checker

O42 - Logiciel: i-Covers 2008.a

O42 - Logiciel: iCF Skin Pack

O42 - Logiciel: iColorFolder

O42 - Logiciel: jv16 PowerTools 2009 1.9.0.550

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Acronis

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Designer

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Diskeeper Corporation

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Fellowes

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Logitech

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\WindowsLiveInstaller

O43 - CFD:Common File Directory - C:\Program Files\Common Files\Borland Shared

O43 - CFD:Common File Directory - C:\Program Files\Common Files\Download Manager

O43 - CFD:Common File Directory - C:\Program Files\Common Files\Motive

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)

O44 - LFC:Last File Created - C:\WINDOWS\System32\AdmList.txt -->04/04/2009 - 21:53:06

O44 - LFC:Last File Created - C:\WINDOWS\System32\advpack.dll -->20/02/2009 - 18:10:46

O44 - LFC:Last File Created - C:\WINDOWS\System32\deploytk.dll -->26/03/2009 - 14:42:21

O44 - LFC:Last File Created - C:\WINDOWS\System32\dxtmsft.dll -->20/02/2009 - 18:10:47

O44 - LFC:Last File Created - C:\WINDOWS\System32\dxtrans.dll -->20/02/2009 - 18:10:47

O44 - LFC:Last File Created - C:\WINDOWS\System32\Engine3D.dll -->21/03/2009 - 16:10:45

O44 - LFC:Last File Created - C:\WINDOWS\System32\extmgr.dll -->20/02/2009 - 18:10:47

O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->15/04/2009 - 11:02:41

O44 - LFC:Last File Created - C:\WINDOWS\System32\GPhotos.scr -->01/05/2009 - 19:30:36

O44 - LFC:Last File Created - C:\WINDOWS\System32\html.iec -->20/02/2009 - 11:21:18

O44 - LFC:Last File Created - C:\WINDOWS\System32\icardie.dll -->20/02/2009 - 18:10:47

O44 - LFC:Last File Created - C:\WINDOWS\System32\ie4uinit.exe -->20/02/2009 - 11:20:49

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieakeng.dll -->20/02/2009 - 18:10:47

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieaksie.dll -->20/02/2009 - 18:10:47

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieakui.dll -->20/02/2009 - 06:14:12

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieapfltr.dll -->20/02/2009 - 18:10:48

O44 - LFC:Last File Created - C:\WINDOWS\System32\iedkcs32.dll -->20/02/2009 - 18:10:48

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieencode.dll -->20/02/2009 - 18:10:57

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieframe.dll -->20/02/2009 - 18:10:50

O44 - LFC:Last File Created - C:\WINDOWS\System32\iernonce.dll -->20/02/2009 - 18:10:50

O44 - LFC:Last File Created - C:\WINDOWS\System32\iertutil.dll -->20/02/2009 - 18:10:50

O44 - LFC:Last File Created - C:\WINDOWS\System32\ieudinit.exe -->20/02/2009 - 11:20:49

O44 - LFC:Last File Created - C:\WINDOWS\System32\inetcpl.cpl -->20/02/2009 - 18:10:52

O44 - LFC:Last File Created - C:\WINDOWS\System32\java.exe -->26/03/2009 - 14:42:22

O44 - LFC:Last File Created - C:\WINDOWS\System32\javacpl.cpl -->26/03/2009 - 14:42:22

O44 - LFC:Last File Created - C:\WINDOWS\System32\javaw.exe -->26/03/2009 - 14:42:22

O44 - LFC:Last File Created - C:\WINDOWS\System32\javaws.exe -->26/03/2009 - 14:42:22

O44 - LFC:Last File Created - C:\WINDOWS\System32\jsproxy.dll -->20/02/2009 - 18:10:52

O44 - LFC:Last File Created - C:\WINDOWS\System32\jupdate-1.6.0_13-b03.log -->25/03/2009 - 17:55:35

O44 - LFC:Last File Created - C:\WINDOWS\System32\kernel32.dll -->21/03/2009 - 15:20:10

O44 - LFC:Last File Created - C:\WINDOWS\System32\mapisvc.inf -->21/04/2009 - 16:43:17

O44 - LFC:Last File Created - C:\WINDOWS\System32\mlfcache.dat -->22/04/2009 - 16:11:14

O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->07/05/2009 - 08:16:29

O44 - LFC:Last File Created - C:\WINDOWS\System32\msctfime.ime -->27/02/2009 - 06:07:38

O44 - LFC:Last File Created - C:\WINDOWS\System32\msfeeds.dll -->20/02/2009 - 18:10:52

O44 - LFC:Last File Created - C:\WINDOWS\System32\msfeedsbs.dll -->20/02/2009 - 18:10:52

O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->20/02/2009 - 18:10:54

O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtmled.dll -->20/02/2009 - 18:10:54

O44 - LFC:Last File Created - C:\WINDOWS\System32\msrating.dll -->20/02/2009 - 18:10:55

O44 - LFC:Last File Created - C:\WINDOWS\System32\MStbjs64.Tpe -->23/04/2009 - 13:49:24

O44 - LFC:Last File Created - C:\WINDOWS\System32\mstime.dll -->20/02/2009 - 18:10:55

O44 - LFC:Last File Created - C:\WINDOWS\System32\occache.dll -->20/02/2009 - 18:10:55

O44 - LFC:Last File Created - C:\WINDOWS\System32\pdh.dll -->06/03/2009 - 15:46:15

O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->21/04/2009 - 16:43:41

O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->21/04/2009 - 16:43:41

O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->21/04/2009 - 16:43:41

O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->21/04/2009 - 16:43:41

O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->21/04/2009 - 16:43:41

O44 - LFC:Last File Created - C:\WINDOWS\System32\pngfilt.dll -->20/02/2009 - 18:10:55

O44 - LFC:Last File Created - C:\WINDOWS\System32\STEC.PRO -->16/05/2009 - 21:58:48

O44 - LFC:Last File Created - C:\WINDOWS\System32\stlport_vc646.dll -->21/03/2009 - 16:10:45

O44 - LFC:Last File Created - C:\WINDOWS\System32\TuneUpDefragService.exe -->05/05/2009 - 14:27:29

O44 - LFC:Last File Created - C:\WINDOWS\System32\TUProgSt.exe -->05/05/2009 - 14:27:32

O44 - LFC:Last File Created - C:\WINDOWS\System32\url.dll -->20/02/2009 - 18:10:55

O44 - LFC:Last File Created - C:\WINDOWS\System32\urlmon.dll -->20/02/2009 - 18:10:56

O44 - LFC:Last File Created - C:\WINDOWS\System32\uxtuneup.dll -->27/04/2009 - 13:21:36

O44 - LFC:Last File Created - C:\WINDOWS\System32\webcheck.dll -->20/02/2009 - 18:10:56

O44 - LFC:Last File Created - C:\WINDOWS\System32\wininet.dll -->03/03/2009 - 01:13:06

O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->17/05/2009 - 05:26:43

O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avipbb.sys -->20/03/2009 - 14:01:15

O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->06/04/2009 - 14:32:46

O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->06/04/2009 - 14:32:54

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADDALIAS.EXE-0A1A7C91.pf -->17/05/2009 - 12:37:09

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVMCDLG.EXE-04132B9D.pf -->17/05/2009 - 10:46:12

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-24130279.pf -->17/05/2009 - 15:18:10

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCLEANER.EXE-3911B168.pf -->17/05/2009 - 13:25:50

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHCP.COM-18156052.pf -->17/05/2009 - 15:08:54

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->17/05/2009 - 15:08:53

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DCCPROC.EXE-3284D294.pf -->17/05/2009 - 15:14:51

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->17/05/2009 - 13:21:02

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->17/05/2009 - 13:20:56

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->17/05/2009 - 15:16:08

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIND.EXE-0EC32F1E.pf -->17/05/2009 - 15:08:54

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FINDSTR.EXE-0CA6274B.pf -->17/05/2009 - 15:09:21

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->17/05/2009 - 11:28:36

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641591.pf -->17/05/2009 - 15:14:03

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-3AB369BE.pf -->17/05/2009 - 14:22:27

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GREP.EXE-2719EE55.pf -->17/05/2009 - 09:24:57

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->17/05/2009 - 14:22:16

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->17/05/2009 - 13:20:49

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MINIREG.EXE-2FAA0529.pf -->17/05/2009 - 12:37:05

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MODE.COM-31685BAE.pf -->17/05/2009 - 15:08:43

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NETSTAT.EXE-2B2B4428.pf -->17/05/2009 - 14:56:38

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->17/05/2009 - 15:10:01

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->17/05/2009 - 05:26:25

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ONECLICKSTARTER.EXE-31B195B2.pf -->17/05/2009 - 15:00:02

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OSV.EXE-1A4D2F4B.pf -->17/05/2009 - 15:08:56

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PING.EXE-31216D26.pf -->17/05/2009 - 14:56:53

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PP-SAVER.SCR-357BE1BC.pf -->17/05/2009 - 13:20:35

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PREUPD.EXE-1FF0750D.pf -->17/05/2009 - 15:00:58

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PV.EXE-02C569DD.pf -->17/05/2009 - 15:09:11

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf -->17/05/2009 - 15:09:07

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf -->17/05/2009 - 15:09:11

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ROUTE.EXE-371D32DE.pf -->17/05/2009 - 14:56:38

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf -->17/05/2009 - 11:22:26

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf -->17/05/2009 - 13:27:19

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SC.EXE-012262AF.pf -->17/05/2009 - 15:09:12

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETPATH.EXE-38F85A52.pf -->17/05/2009 - 15:08:54

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->17/05/2009 - 05:26:26

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWREG.EXE-04E909DE.pf -->17/05/2009 - 09:24:58

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\THUNDERBIRD.EXE-38CA75D9.pf -->17/05/2009 - 15:15:52

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TOOLBARSD.EXE-12CE882C.pf -->17/05/2009 - 15:08:44

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TRAFIC.EXE-09B74BDC.pf -->17/05/2009 - 14:56:38

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TU.EXE-1B05F2FE.pf -->17/05/2009 - 12:35:54

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-060ACF51.pf -->17/05/2009 - 15:01:01

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->17/05/2009 - 13:28:30

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf -->17/05/2009 - 13:25:30

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf -->17/05/2009 - 12:50:40

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->17/05/2009 - 15:09:05

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCRIPT.EXE-32960AB9.pf -->17/05/2009 - 15:08:56

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->17/05/2009 - 05:27:14

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHP2.EXE-3374FBD7.pf -->17/05/2009 - 13:45:45

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-0180118E.pf -->17/05/2009 - 12:45:57

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-06A5E6C1.pf -->17/05/2009 - 13:44:53

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-0A583B99.pf -->17/05/2009 - 11:20:05

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-0F197597.pf -->17/05/2009 - 15:16:24

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-2507E724.pf -->17/05/2009 - 15:16:30

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPL 2.33.12(2).EXE-1CF3E635.pf -->17/05/2009 - 14:48:48

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPL 2.33.12(2).TMP-152179CF.pf -->17/05/2009 - 14:48:48

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPL 2.33.12.EXE-1D5EF8E9.pf -->17/05/2009 - 12:36:40

O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPL 2.33.12.TMP-24325045.pf -->17/05/2009 - 12:36:40

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)

O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

O47 - AAKE:Key Export - "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"

O47 - AAKE:Key Export - "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"

O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

O47 - AAKE:Key Export - "C:\Program Files\Spamihilator\cdcc.exe"="C:\Program Files\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC Filter Configuration"

O47 - AAKE:Key Export - "C:\Program Files\Spamihilator\dccproc.exe"="C:\Program Files\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC Filter"

O47 - AAKE:Key Export - "C:\Program Files\Spamihilator\spamihilator.exe"="C:\Program Files\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator"

O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

O47 - AAKE:Key Export - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (TDSD) (O52)

O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"

O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"

O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"

O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"

O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"

O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"

O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"wave1"="serwvdrv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave2"="serwvdrv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave3"="serwvdrv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave4"="serwvdrv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave5"="serwvdrv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave6"="serwvdrv.dll"

O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave8"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.SP55"="SP5X_32.DLL"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.SP56"="SP5X_32.DLL"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.SP57"="SP5X_32.DLL"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.SP58"="SP5X_32.DLL"

O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave7"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=

O56 - MWPE:[HKCU\...\Policies\Explorer] - "ClearRecentDocsOnExit"=

O56 - MWPE:[HKCU\...\Policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoSaveSettings"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NofolderOptions"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoFind"=0

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoRun"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoResolveSearch"=1

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=323

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoCDBurning"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoFolderOptions"=0

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\1394bus.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\AGRSM.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ALCXWDM.SYS

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ati2mtag.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgntdd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avgntmgr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\avipbb.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\BANTExt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\beep.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bridge.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cbidf2k.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\CCDECODE.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdaudio.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdfs.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cdrom.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\classpnp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\crusoe.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\disk.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\diskdump.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmboot.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmio.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dmload.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\DMusic.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmk.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\drmkaud.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxapi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxg.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\dxgthk.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\el90xbc5.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\enum1394.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fastfat.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\FBAPI.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fdc.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fips.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\flpydisk.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fltmgr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fsvga.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\fs_rec.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ftdisk.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidclass.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidparse.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\hidusb.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\http.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\i8042prt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\imapi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\intelppm.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ip6fw.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipfltdrv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipinip.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipnat.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ipsec.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\irenum.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\isapnp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kbdclass.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\kmixer.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ks.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ksecdd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\L8042pr2.Sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\LMouFlt2.Sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mcd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mf.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mnmdd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\modem.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MODEMCSA.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mouclass.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mountmgr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxdav.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mrxsmb.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msfs.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\msgpc.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSKSSRV.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSPCLOCK.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSPQM.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mssmbios.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\MSTEE.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\mup.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NABTSFEC.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndis.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\NdisIP.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndistapi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndisuio.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndiswan.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ndproxy.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbios.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\netbt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nic1394.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nmnt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\npfs.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ntfs.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\null.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkflt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkfwd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkipx.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnknb.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\nwlnkspx.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ohci1394.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\oprghdlr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\p3.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parport.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\partmgr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\parvdm.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pci.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pciidex.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pcmcia.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\portcls.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\PQNTDRV.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\processr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\psched.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\pxhelp20.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasacd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rasl2tp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspppoe.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspptp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\raspti.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rawwan.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdbss.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpcdd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpdr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rdpwd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\redbook.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RITCPT.SYS

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rmcast.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rndismp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\rootmdm.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\RTL8139.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\Rtlnicxp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\scsiport.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sdbus.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serenum.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\serial.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffdisk.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sffp_sd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sfloppy.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\SLIP.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\smclib.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\snapman.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sonydcam.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\splitter.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sptd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\srv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ssmdrv.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\stream.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\StreamIP.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swenum.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\swmidi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\sysaudio.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tape.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tcpip6.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdi.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdpipe.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tdtcp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\Teefer.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\termdd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tifsfilt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\timntr.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tosdvd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\tunmp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\UAGP35.SYS

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\udfs.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\update.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usb8023.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\USBAUDIO.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbcamd2.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbccgp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbehci.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbhub.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbintel.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbport.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbprint.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbscan.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\USBSTOR.SYS

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\usbuhci.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\vga.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\VIAAGP1.SYS

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\viaide.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\videoprt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\volsnap.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\VX1000.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wanarp.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wdmaud.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wg3n.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wg4n.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wg5n.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wg6n.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wmilib.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wpdusb.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\wpsdrvnt.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\ws2ifsl.sys

O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\WSTCODEC.SYS

End of the scan: 960 lines

Merci à vous de l'étudier.

pear · le 17 mai 2009

Bonjour,

Pourquoi cette demande d'analyse ,

Vous avez quelque disfonctionnement ?

Rendez vous à cette addresse:

Cliquez sur parcourir pour trouver ce fichier, en gras:

C:\WINDOWS\system32\FBAPI.sys

et cliquez sur "envoyer le fichier"

Copiez /collez la réponse dans votre prochain message.

lentjus · le 17 mai 2009

Suite à ce post

http://forum.zebulon.fr/zhpdiag-lignes-sus...95#entry1383495

Je n'ai pas ce fichier sur mon disque dur FBAPI.sys

Je l'ai trouvé, voir ici http://www.virustotal.com/fr/analisis/fba6...e474d8df9a4e341

Cordialement

Modifié le 17 mai 2009 par lentjus

pear · le 17 mai 2009

Je n'ai pas ce fichier sur mon disque dur FBAPI.sys

Il vaut mieux dire que vous ne le trouvez pas

il est là:

O41 - Driver: FBAPI (FBAPI) - C:\WINDOWS\system32\drivers\FBAPI.sys => Ligne non traitée

Poste de travail->Outils ->Options des dossiers ->Affichage

Cocher "Afficher les dossiers cachés"

Décocher" Masquer les extension des fichiers dont le type est connus "ainsi que "Masquer les fichiers protégés du système d exploitation"

--> un message dit que cela peut endommager le système, ne pas en tenir compte, valider par oui.

Modifié le 17 mai 2009 par pear

lentjus · le 17 mai 2009

Oui, je l'ai trouvé, mais comme tu avais omis Drivers, j'ai cherché dans System32.

La réponse dans le post plus haut.

pear · le 17 mai 2009

tu avais omis Drivers

Exact. Excusez moi.

Tout est bien qui finit bien puisque le seul doute est levé.

Mais , je répète ma question: Pourquoi cette demande d'analyse ?

lentjus · le 17 mai 2009

Parce quand faisant une analyse avec Zhpdiag, j'ai trouvé ces lignes bizarres.

O71 - BDRI:[hklm\software\microsoft\internet explorer\extension compatibility\{43d9e6f0-1776-4897-ae14-ecedecbafec0}]

Malware

O71 - BDRI:[hklm\software\microsoft\internet explorer\extension compatibility\{5a074b29-f830-49de-a31b-5bb9d7f6b407}]

Malware

O71 - BDRI:[hklm\software\microsoft\internet explorer\extension compatibility\{5a074b21-f830-49de-a31b-5bb9d7f6b407}]

Malware

O71 - BDRI:[hklm\software\microsoft\windows\currentversion\policies\explorer]:nofolderoptions

Malware

O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\policies\explorer]:nofolderoptions

Malware

et ici

---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)

O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

---\\ Site indésirable dans la Zone de confiance d'Internet Explorer (O15)

O15 - Trusted Zone: *

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: Microsoft XML Parser for Java (Microsoft XML Parser for Java) - file:///C:/WINDOWS/Java/classes/xmldso.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\Messenger\MSGRAP~1.DLL

pear · le 17 mai 2009

Bonsoir,

Vous n'aviez rien dit des clés 71.Votre rapport s'arrêtait à 58.

Les autres sont correctes:

Télécharger sur le bureauOTMoveIt3 by OldTimer .

Double-clic sur OTMoveIt3.exe pour le lancer.

Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur

Vérifier que Unregister Dll's and Ocx's soit coché.

* Copiez /Collez les lignes ci dessous):

:Processes

explorer.exe

:Reg

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}]

[-hklm\software\microsoft\internet explorer\extension compatibility\{43d9e6f0-1776-4897-ae14-ecedecbafec0}]

[-hklm\software\microsoft\internet explorer\extension compatibility\{5a074b29-f830-49de-a31b-5bb9d7f6b407}]

[-hklm\software\microsoft\internet explorer\extension compatibility\{5a074b21-f830-49de-a31b-5bb9d7f6b407}]

[hklm\software\microsoft\windows\currentversion\policies\explorer]

"nofolderoptions"=-

[hkcu\software\microsoft\windows\currentversion\policies\explorer]

"nofolderoptions"=-

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

Revenez dans OTMoveIt3,

Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).

* Click le bouton rouge Moveit!

* Fermez OTMoveIt3

Votre Pc va redémarrer.

Rendez vous dans le dossier C:\_OTMoveIt\MovedFiles ,

ouvrez le dernier fichier .log

Copiez/collez en le contenu dans votre prochaine réponse

lentjus · le 18 mai 2009

Excusez du retard.

Voici le rapport

========== PROCESSES ==========

Process explorer.exe killed successfully.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\\ not found.

Registry key hklm\software\microsoft\internet explorer\extension compatibility\{43d9e6f0-1776-4897-ae14-ecedecbafec0}\\ not found.

Registry key hklm\software\microsoft\internet explorer\extension compatibility\{5a074b29-f830-49de-a31b-5bb9d7f6b407}\\ not found.

Registry key hklm\software\microsoft\internet explorer\extension compatibility\{5a074b21-f830-49de-a31b-5bb9d7f6b407}\\ not found.

Registry value hklm\software\microsoft\windows\currentversion\policies\explorer\\nofolderoptions deleted successfully.

Registry value hkcu\software\microsoft\windows\currentversion\policies\explorer\\nofolderoptions not found.

========== COMMANDS ==========

File delete failed. C:\DOCUME~1\ROUCOU\LOCALS~1\Temp\etilqs_1v5feYu6GR1ZfIAJSoyO scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\ROUCOU\LOCALS~1\Temp\Perflib_Perfdata_530.dat scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Internet Explorer cache folder emptied.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

User's Temporary Internet Files folder emptied.

Local Service Temp folder emptied.

Local Service Temporary Internet Files folder emptied.

Network Service Temp folder emptied.

File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

Network Service Temporary Internet Files folder emptied.

File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_674.dat scheduled to be deleted on reboot.

Windows Temp folder emptied.

Java cache emptied.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\urlclassifier3.sqlite scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\XUL.mfl scheduled to be deleted on reboot.

FireFox cache emptied.

Opera cache emptied.

Temp folders emptied.

Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05182009_092426

Files moved on Reboot...

File C:\DOCUME~1\ROUCOU\LOCALS~1\Temp\etilqs_1v5feYu6GR1ZfIAJSoyO not found!

File C:\DOCUME~1\ROUCOU\LOCALS~1\Temp\Perflib_Perfdata_530.dat not found!

C:\WINDOWS\temp\Perflib_Perfdata_674.dat moved successfully.

C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_001_ moved successfully.

C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_002_ moved successfully.

C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_003_ moved successfully.

C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\Cache\_CACHE_MAP_ moved successfully.

C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\urlclassifier3.sqlite moved successfully.

C:\Documents and Settings\ROUCOU\Local Settings\Application Data\Mozilla\Firefox\Profiles\89ahiw6u.default\XUL.mfl moved successfully.

Cordialement

lentjus · le 19 mai 2009

Bonjour,

Le nettoyage est bon ? j'ai encore une ligne 071

Zeb Help Process v2.33.12 by Nicolas Coolman - Rapport Général du 19/05/2009 10:08:10

Rapport de ZHPSearch v1.20.1 par Nicolas Coolman

Enregistré le 19/05/2009 10:07:43

Platform : Microsoft Windows XP (5.1.2600) Service Pack 2

---\\ ZHPSearch, Recherche particulière de Clé, valeur ou donnée de BDR (RPR) (O70)

*** None ***

---\\ ZHPSearch, Outil de recherche d'infection de Base de Registres (O71)

O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\policies\explorer]:nofolderoptions

Lignes traitées 1/1

Merci

Modifié le 19 mai 2009 par lentjus

Connexion

Pas encore inscrit ?

Rapport zhpdiag (infection ?)

Messages recommandés

lentjus

pear

lentjus

pear

lentjus

pear

lentjus

pear

lentjus

lentjus

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer