
Good evening everyone,

Here is a scan performed with ZHPDiag.

Malware has been detected. Are there any items in this scan that serve no purpose and could be removed?

Thank you for your cooperation and your help in tracking them down and helping me remove them.

 

Rapport de ZHPDiag v1.24.12 par Nicolas Coolman

Run by Taranis at 25/10/2009 20:56:56

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Platform : Microsoft Windows XP (5.1.2600) Service Pack 3

MSIE: Internet Explorer v8.0.6001.18702

MFIE: Mozilla Firefox (3.5.3)

 

Boot mode: Normal (Normal boot)

Total RAM: 4,0 Gb (79 % free)

System drive C: 20 Go (3 Go free)

 

---\\ Processus lancés

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS.0\System32\svchost.exe

C:\WINDOWS.0\system32\services.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS.0\system32\nvsvc32.exe

C:\WINDOWS.0\system32\IoctlSvc.exe

C:\WINDOWS.0\system32\lsass.exe

C:\WINDOWS.0\system32\spoolsv.exe

C:\WINDOWS.0\System32\TUProgSt.exe

C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS.0\system32\userinit.exe,

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS.0\system32\ieframe.dll

R3 - URLSearchHook: Microsoft Url Search Hook - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {710EB7A1-45ED-11D0-924A-0020AFC7AC4D} -

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1

 

---\\ Restriction de l'accès aux options IE par l'Administrateur (O6)

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel présent

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1250106993625

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1256071896750

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS.0\system32\urlmon.dll

O18 - Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\PKMCDO.DLL

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS.0\system32\msvidctl.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS.0\system32\urlmon.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll

O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS.0\system32\msvidctl.dll

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS.0\system32\wiascr.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS.0\system32\urlmon.dll

O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: dimsntfy - C:\WINDOWS.0\System32\%SystemRoot%\System32\dimsntfy.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS.0\System32\WgaLogon.dll

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS.0\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS.0\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.0\system32\WPDShServiceObj.dll

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf

O23 - Service: Machine Debug Manager (MDM) - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - C:\WINDOWS.0\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) - C:\WINDOWS.0\system32\IoctlSvc.exe

O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS.0\system32\spoolsv.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - C:\WINDOWS.0\System32\TUProgSt.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe -service

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS.0\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1250161584.job

O39 - APT:Automatic Planified Task - C:\WINDOWS.0\Tasks\Maintenance en 1 clic.job

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Mise à jour de la version d'Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS.0\system32\ieudinit.exe

O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS.0\inf\unregmp2.exe /ShowWMP

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS.0\system32\ie4uinit.exe -UserIconConfig

O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS.0\system32\rundll32.exe" "C:\WINDOWS.0\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS.0\system32\shmgrate.exe OCInstallUserConfigOE

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)

O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)

O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS.0\system32\wmpdxm.dll

O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS.0\system32\wmpdxm.dll

O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)

O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS.0\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS.0\system32\themeui.dll

O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)

O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)

O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)

O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)

O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)

O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)

O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)

O40 - ASIC: Mise à jour de sécurité pour Windows XP (KB923789) - {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - (not file)

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\msmsgs.inf,BLC.QuietInstall.PerUser

O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\wmp.inf,PerUserStub

O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)

O40 - ASIC: .NET Framework - {72AD53CC-CCC0-3757-8480-9EE176866A7C} - (not file)

O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file)

O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS.0\system32\ie4uinit.exe -BaseSettings

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS.0\system32\Rundll32.exe C:\WINDOWS.0\system32\mscories.dll,Install

O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)

O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)

O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)

O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)

O40 - ASIC: Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS.0\system32\Macromed\Flash\Flash6.ocx

O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)

O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys

O41 - Driver: Pilote de processeur AMD K7 (AmdK7) - C:\WINDOWS\system32\DRIVERS\amdk7.sys

O41 - Driver: Protocole client ARP 1394 (Arp1394) - C:\WINDOWS\system32\DRIVERS\arp1394.sys

O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys

O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\system32\DRIVERS\atmarpc.sys

O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\system32\DRIVERS\audstub.sys

O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: avgntflt (avgntflt) - C:\WINDOWS\system32\DRIVERS\avgntflt.sys

O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys

O41 - Driver: Décodeur sous-titre fermé (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys

O41 - Driver: Pilote de Gestionnaire de disque logique (dmio) - C:\WINDOWS\System32\drivers\dmio.sys

O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys

O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys

O41 - Driver: driverhardwarev2 (driverhardwarev2) - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys

O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys

O41 - Driver: FltMgr (FltMgr) - C:\WINDOWS\system32\DRIVERS\fltMgr.sys

O41 - Driver: Énumérateur de port jeu (gameenum) - C:\WINDOWS\system32\DRIVERS\gameenum.sys

O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\system32\DRIVERS\msgpc.sys

O41 - Driver: Pilote de classe HID Microsoft (hidusb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys

O41 - Driver: IEEE-1284.4 Driver HPZid412 (HPZid412) - C:\WINDOWS\system32\DRIVERS\HPZid412.sys

O41 - Driver: Print Class Driver for IEEE-1284.4 HPZipr12 (HPZipr12) - C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

O41 - Driver: USB to IEEE-1284.4 Translation Driver HPZius12 (HPZius12) - C:\WINDOWS\system32\DRIVERS\HPZius12.sys

O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys

O41 - Driver: Pilote du pare-feu Windows IPv6 (Ip6Fw) - C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys

O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys

O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\system32\DRIVERS\irenum.sys

O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys

O41 - Driver: KLIF (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys

O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys

O41 - Driver: Pilote HID de souris (mouhid) - C:\WINDOWS\system32\DRIVERS\mouhid.sys

O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\system32\DRIVERS\mrxdav.sys

O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys

O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys

O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys

O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\system32\DRIVERS\mssmbios.sys

O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys

O41 - Driver: Pilote UART MIDI MPU-401 Microsoft (ms_mpu401) - C:\WINDOWS\system32\drivers\msmpu401.sys

O41 - Driver: Codec NABTS/FEC VBI (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

O41 - Driver: Connection TV/vidéo Microsoft (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys

O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys

O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys

O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys

O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys

O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys

O41 - Driver: Pilote réseau 1394 (NIC1394) - C:\WINDOWS\system32\DRIVERS\nic1394.sys

O41 - Driver: Nokia USB Phone Parent (nmwcd) - C:\WINDOWS\system32\drivers\ccdcmb.sys

O41 - Driver: Nokia USB Generic (nmwcdc) - C:\WINDOWS\system32\drivers\ccdcmbo.sys

O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

O41 - Driver: Service for NVIDIA® nForce Audio Enumerator (nvax) - C:\WINDOWS\system32\drivers\nvax.sys

O41 - Driver: NVIDIA nForce MCP Networking Controller Driver (NVENET) - C:\WINDOWS\system32\DRIVERS\NVENET.sys

O41 - Driver: Service for NVIDIA® nForce Audio (nvnforce) - C:\WINDOWS\system32\drivers\nvapu.sys

O41 - Driver: NVIDIA nForce AGP Bus Filter (nv_agp) - C:\WINDOWS\system32\DRIVERS\nv_agp.sys

O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

O41 - Driver: Contrôleurs hôte IEEE 1394 compatible OHCI (ohci1394) - C:\WINDOWS\system32\DRIVERS\ohci1394.sys

O41 - Driver: Webcam Deluxe (ovt530) - C:\WINDOWS\System32\Drivers\ov530vid.sys

O41 - Driver: PCCS Mode Change Filter Driver (pccsmcfd) - C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys

O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\system32\DRIVERS\psched.sys

O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\system32\DRIVERS\ptilink.sys

O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys

O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys

O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys

O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\system32\DRIVERS\raspti.sys

O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys

O41 - Driver: Pilote de redirecteur de périphérique Terminal Server (rdpdr) - C:\WINDOWS\system32\DRIVERS\rdpdr.sys

O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys

O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\system32\DRIVERS\secdrv.sys

O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\system32\DRIVERS\serenum.sys

O41 - Driver: Détrameur décalage BDA (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys

O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys

O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys

O41 - Driver: (no object) (srescan) - C:\WINDOWS\system32\ZoneLabs\srescan.sys

O41 - Driver: Srv (Srv) - C:\WINDOWS\system32\DRIVERS\srv.sys

O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

O41 - Driver: BDA IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys

O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\system32\DRIVERS\swenum.sys

O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys

O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys

O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys

O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\system32\DRIVERS\update.sys

O41 - Driver: (no object) (upperdev) - C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

O41 - Driver: Pilote USB audio (WDM) (usbaudio) - C:\WINDOWS\system32\drivers\usbaudio.sys

O41 - Driver: Pilote parent générique USB Microsoft (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys

O41 - Driver: Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0 (usbehci) - C:\WINDOWS\system32\DRIVERS\usbehci.sys

O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\system32\DRIVERS\usbhub.sys

O41 - Driver: Pilote miniport de contrôleur hôte ouvert USB Microsoft (usbohci) - C:\WINDOWS\system32\DRIVERS\usbohci.sys

O41 - Driver: Classe d'imprimantes USB Microsoft (usbprint) - C:\WINDOWS\system32\DRIVERS\usbprint.sys

O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys

O41 - Driver: USB Modem Driver (usbser) - C:\WINDOWS\system32\drivers\usbser.sys

O41 - Driver: (no object) (UsbserFilt) - C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

O41 - Driver: vsdatant (vsdatant) - C:\WINDOWS\System32\vsdatant.sys

O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys

O41 - Driver: Kernel Mode Driver Frameworks service (Wdf01000) - C:\WINDOWS\System32\Drivers\wdf01000.sys

O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys

O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys

O41 - Driver: Codec Teletext standard (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys

O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys

O41 - Driver: NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter (yukonwxp) - C:\WINDOWS\system32\DRIVERS\yukonwxp.sys

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 7-Zip 4.65

O42 - Logiciel: ABBYY FineReader 9.0 Professional Edition

O42 - Logiciel: Adobe Flash Player 10 Plugin

O42 - Logiciel: Audacity 1.2.6

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus

O42 - Logiciel: Complément Microsoft Word pour Microsoft Works Suite

O42 - Logiciel: Disque de souvenirs HP

O42 - Logiciel: Foxit PDF Editor

O42 - Logiciel: Foxit Reader

O42 - Logiciel: Hercules WebCam Station

O42 - Logiciel: Hercules Webcam

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)

O42 - Logiciel: Java 6 Update 15

O42 - Logiciel: MSN

O42 - Logiciel: MSVC80_x86

O42 - Logiciel: MSXML 4.0 SP2 (KB954430)

O42 - Logiciel: Ma-Config.com

O42 - Logiciel: Malwarebytes' Anti-Malware

O42 - Logiciel: Marvell Miniport Driver

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

O42 - Logiciel: Microsoft Office Excel Viewer 2003

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French)

O42 - Logiciel: Microsoft Office Word Viewer 2003

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.7

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

O42 - Logiciel: Microsoft Word 2002

O42 - Logiciel: Microsoft Works

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra

O42 - Logiciel: Mozilla Firefox (3.5.3)

O42 - Logiciel: NVIDIA Drivers

O42 - Logiciel: NVIDIA nForce Drivers

O42 - Logiciel: NVIDIA nView Desktop Manager

O42 - Logiciel: Nero 7 Essentials

O42 - Logiciel: Nero BurnRights

O42 - Logiciel: Nokia Connectivity Cable Driver

O42 - Logiciel: Nokia Multimedia Common Components 2.4

O42 - Logiciel: Nokia Music

O42 - Logiciel: Nokia PC Suite

O42 - Logiciel: Nokia Software Updater

O42 - Logiciel: OpenOffice.org 3.1

O42 - Logiciel: PC Connectivity Solution

O42 - Logiciel: PDFCreator

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/01/2009 4.1)

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3)

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

O42 - Logiciel: Photo et imagerie HP 2.0 - All-in-One

O42 - Logiciel: Photo et imagerie HP 2.0 - All-in-One Pilote

O42 - Logiciel: Photo et imagerie HP 2.0 - hp psc 1100 series

O42 - Logiciel: Picasa 3

O42 - Logiciel: RagTime Solo

O42 - Logiciel: Spybot - Search & Destroy

O42 - Logiciel: Sélecteur d'installation de Microsoft Works 2004

O42 - Logiciel: TuneUp Utilities 2009

O42 - Logiciel: Unlocker 1.8.7

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

O42 - Logiciel: VLC media player 1.0.2

O42 - Logiciel: Virtual Cable Tester

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130)

O42 - Logiciel: Windows Internet Explorer 8

O42 - Logiciel: Windows Live Mail

O42 - Logiciel: Windows Live Messenger

O42 - Logiciel: Windows Live installer

O42 - Logiciel: Windows Media Format 11 runtime

O42 - Logiciel: Winmail Reader 1.1.12

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0

O42 - Logiciel: XnView 1.91.1

O42 - Logiciel: Zeb-Utility 1.2

O42 - Logiciel: ZebHelpProcess 2.34

O42 - Logiciel: ZoneAlarm

O42 - Logiciel: eMule

O42 - Logiciel: hp psc 1100 series

O42 - Logiciel: neroxml

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\7-Zip

O43 - CFD:Common File Directory ----D- C:\Program Files\ABBYY FineReader 9.0

O43 - CFD:Common File Directory ----D- C:\Program Files\AskSearch

O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX

O43 - CFD:Common File Directory ----D- C:\Program Files\eMule

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Foxit Software

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\Hercules

O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\JRE

O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\Marvell

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works Suite 2004

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services

O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD:Common File Directory ----D- C:\Program Files\PDFCreator

O43 - CFD:Common File Directory ----D- C:\Program Files\RagTime Solo

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne

O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD:Common File Directory ----D- C:\Program Files\StartClock

O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2009

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Unlocker

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\Winmail Reader

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory ----D- C:\Program Files\XnView

O43 - CFD:Common File Directory ----D- C:\Program Files\Zeb-Utility

O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess

O43 - CFD:Common File Directory ----D- C:\Program Files\Zone Labs

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ABBYY

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ArcSoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Borland Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Designer

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Nokia

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\PCSuite

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:Last File Created 02/10/2009 - 10:01:58 ---A- C:\WINDOWS.0\System32\MRT.exe

O44 - LFC:Last File Created 11/10/2009 - 14:52:08 --HA- C:\WINDOWS.0\System32\mlfcache.dat

O44 - LFC:Last File Created 11/10/2009 - 15:00:53 ---A- C:\WINDOWS.0\NeroDigital.ini

O44 - LFC:Last File Created 20/10/2009 - 22:02:45 ---A- C:\WINDOWS.0\KB892130.log

O44 - LFC:Last File Created 20/10/2009 - 22:02:55 ---A- C:\WINDOWS.0\KB898461.log

O44 - LFC:Last File Created 20/10/2009 - 22:10:26 ---A- C:\WINDOWS.0\System32\FOXIT_PDF

O44 - LFC:Last File Created 20/10/2009 - 22:32:20 ---A- C:\WINDOWS.0\KB941569.log

O44 - LFC:Last File Created 20/10/2009 - 22:32:55 ---A- C:\WINDOWS.0\KB950762.log

O44 - LFC:Last File Created 20/10/2009 - 22:33:02 ---A- C:\WINDOWS.0\KB951376-v2.log

O44 - LFC:Last File Created 20/10/2009 - 22:33:12 ---A- C:\WINDOWS.0\KB951978.log

O44 - LFC:Last File Created 20/10/2009 - 22:33:21 ---A- C:\WINDOWS.0\KB951748.log

O44 - LFC:Last File Created 20/10/2009 - 22:33:43 ---A- C:\WINDOWS.0\KB929399.log

O44 - LFC:Last File Created 20/10/2009 - 22:33:49 ---A- C:\WINDOWS.0\KB951066.log

O44 - LFC:Last File Created 20/10/2009 - 22:33:56 ---A- C:\WINDOWS.0\KB946648.log

O44 - LFC:Last File Created 20/10/2009 - 22:34:03 ---A- C:\WINDOWS.0\KB952954.log

O44 - LFC:Last File Created 20/10/2009 - 22:34:10 ---A- C:\WINDOWS.0\KB950974.log

O44 - LFC:Last File Created 20/10/2009 - 22:34:17 ---A- C:\WINDOWS.0\KB952287.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:13 ---A- C:\WINDOWS.0\KB958644.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:21 ---A- C:\WINDOWS.0\KB955069.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:28 ---A- C:\WINDOWS.0\KB954459.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:36 ---A- C:\WINDOWS.0\KB957097.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:42 ---A- C:\WINDOWS.0\KB956802.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:50 ---A- C:\WINDOWS.0\KB952069.log

O44 - LFC:Last File Created 20/10/2009 - 22:35:56 ---A- C:\WINDOWS.0\KB956803.log

O44 - LFC:Last File Created 20/10/2009 - 22:36:04 ---A- C:\WINDOWS.0\KB958687.log

O44 - LFC:Last File Created 20/10/2009 - 22:36:21 ---A- C:\WINDOWS.0\KB961118.log

O44 - LFC:Last File Created 20/10/2009 - 22:36:28 ---A- C:\WINDOWS.0\KB960225.log

O44 - LFC:Last File Created 20/10/2009 - 22:36:40 ---A- C:\WINDOWS.0\KB967715.log

O44 - LFC:Last File Created 20/10/2009 - 22:45:41 ---A- C:\WINDOWS.0\setupapi.log

O44 - LFC:Last File Created 20/10/2009 - 22:45:45 ---A- C:\WINDOWS.0\WgaNotify.log

O44 - LFC:Last File Created 20/10/2009 - 22:46:37 ---A- C:\WINDOWS.0\KB923561.log

O44 - LFC:Last File Created 20/10/2009 - 22:46:57 ---A- C:\WINDOWS.0\KB956572.log

O44 - LFC:Last File Created 20/10/2009 - 22:47:07 ---A- C:\WINDOWS.0\KB952004.log

O44 - LFC:Last File Created 20/10/2009 - 22:47:15 ---A- C:\WINDOWS.0\KB960803.log

O44 - LFC:Last File Created 20/10/2009 - 22:47:22 ---A- C:\WINDOWS.0\KB959426.log

O44 - LFC:Last File Created 20/10/2009 - 22:47:29 ---A- C:\WINDOWS.0\KB961501.log

O44 - LFC:Last File Created 20/10/2009 - 22:47:37 ---A- C:\WINDOWS.0\KB968537.log

O44 - LFC:Last File Created 20/10/2009 - 22:47:44 ---A- C:\WINDOWS.0\KB970238.log

O44 - LFC:Last File Created 20/10/2009 - 22:48:19 ---A- C:\WINDOWS.0\KB971633.log

O44 - LFC:Last File Created 20/10/2009 - 22:48:49 ---A- C:\WINDOWS.0\KB971557.log

O44 - LFC:Last File Created 20/10/2009 - 22:48:59 ---A- C:\WINDOWS.0\KB973540.log

O44 - LFC:Last File Created 20/10/2009 - 22:48:59 ---A- C:\WINDOWS.0\wmsetup.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:06 ---A- C:\WINDOWS.0\KB973869.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:15 ---A- C:\WINDOWS.0\KB956744.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:22 ---A- C:\WINDOWS.0\KB973354.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:30 ---A- C:\WINDOWS.0\KB973507.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:37 ---A- C:\WINDOWS.0\KB960859.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:44 ---A- C:\WINDOWS.0\KB973815.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:51 ---A- C:\WINDOWS.0\KB971657.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:57 ---A- C:\WINDOWS.0\System32\TZLog.log

O44 - LFC:Last File Created 20/10/2009 - 22:49:58 ---A- C:\WINDOWS.0\KB970653-v3.log

O44 - LFC:Last File Created 20/10/2009 - 22:50:06 ---A- C:\WINDOWS.0\KB961371-v2.log

O44 - LFC:Last File Created 21/10/2009 - 05:31:25 ---A- C:\WINDOWS.0\ie8.log

O44 - LFC:Last File Created 21/10/2009 - 05:31:35 ---A- C:\WINDOWS.0\KB973874-IE8.log

O44 - LFC:Last File Created 21/10/2009 - 05:32:05 ---A- C:\WINDOWS.0\KB974455-IE8.log

O44 - LFC:Last File Created 21/10/2009 - 05:32:09 ---A- C:\WINDOWS.0\ie8_main.log

O44 - LFC:Last File Created 21/10/2009 - 05:32:17 ---A- C:\WINDOWS.0\KB956844.log

O44 - LFC:Last File Created 21/10/2009 - 05:32:25 ---A- C:\WINDOWS.0\KB971961.log

O44 - LFC:Last File Created 21/10/2009 - 05:32:33 ---A- C:\WINDOWS.0\KB968816.log

O44 - LFC:Last File Created 21/10/2009 - 05:35:40 ---A- C:\WINDOWS.0\KB974455.log

O44 - LFC:Last File Created 21/10/2009 - 05:35:49 ---A- C:\WINDOWS.0\KB973525.log

O44 - LFC:Last File Created 21/10/2009 - 05:35:56 ---A- C:\WINDOWS.0\KB954155.log

O44 - LFC:Last File Created 21/10/2009 - 05:36:04 ---A- C:\WINDOWS.0\KB975025.log

O44 - LFC:Last File Created 21/10/2009 - 05:36:13 ---A- C:\WINDOWS.0\KB974571.log

O44 - LFC:Last File Created 21/10/2009 - 05:36:22 ---A- C:\WINDOWS.0\KB974112.log

O44 - LFC:Last File Created 21/10/2009 - 05:36:38 ---A- C:\WINDOWS.0\KB971486.log

O44 - LFC:Last File Created 21/10/2009 - 05:36:46 ---A- C:\WINDOWS.0\KB958869.log

O44 - LFC:Last File Created 21/10/2009 - 05:36:56 ---A- C:\WINDOWS.0\KB969059.log

O44 - LFC:Last File Created 21/10/2009 - 05:38:50 ---A- C:\WINDOWS.0\msxml4-KB954430-enu.LOG

O44 - LFC:Last File Created 21/10/2009 - 05:39:04 ---A- C:\WINDOWS.0\KB968389.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:04 ---A- C:\WINDOWS.0\imsins.BAK

O44 - LFC:Last File Created 21/10/2009 - 05:39:10 ---A- C:\WINDOWS.0\updspapi.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:11 ---A- C:\WINDOWS.0\msmqinst.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\FaxSetup.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\KB975467.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\MedCtrOC.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\comsetup.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\iis6.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\imsins.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\msgsocm.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\netfxocm.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\ntdtcsetup.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\ocgen.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\ocmsn.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\tabletoc.log

O44 - LFC:Last File Created 21/10/2009 - 05:39:13 ---A- C:\WINDOWS.0\tsoc.log

O44 - LFC:Last File Created 21/10/2009 - 05:44:37 ---A- C:\WINDOWS.0\spupdsvc.log.1.log

O44 - LFC:Last File Created 21/10/2009 - 05:44:59 ---A- C:\WINDOWS.0\spupdsvc.log

O44 - LFC:Last File Created 25/09/2009 - 06:36:34 ---A- C:\WINDOWS.0\System32\shdocvw.dll

O44 - LFC:Last File Created 25/10/2009 - 10:10:41 ---A- C:\WINDOWS.0\System32\wpa.dbl

O44 - LFC:Last File Created 25/10/2009 - 10:15:08 ---A- C:\WINDOWS.0\System32\PerfStringBackup.INI

O44 - LFC:Last File Created 25/10/2009 - 10:15:08 ---A- C:\WINDOWS.0\System32\perfc009.dat

O44 - LFC:Last File Created 25/10/2009 - 10:15:08 ---A- C:\WINDOWS.0\System32\perfc00C.dat

O44 - LFC:Last File Created 25/10/2009 - 10:15:08 ---A- C:\WINDOWS.0\System32\perfh009.dat

O44 - LFC:Last File Created 25/10/2009 - 10:15:08 ---A- C:\WINDOWS.0\System32\perfh00C.dat

O44 - LFC:Last File Created 25/10/2009 - 15:52:52 ---A- C:\WINDOWS.0\SchedLgU.Txt

O44 - LFC:Last File Created 25/10/2009 - 15:53:47 ---A- C:\WINDOWS.0\System32\FNTCACHE.DAT

O44 - LFC:Last File Created 25/10/2009 - 15:53:50 -S-A- C:\WINDOWS.0\bootstat.dat

O44 - LFC:Last File Created 25/10/2009 - 15:54:04 ---A- C:\WINDOWS.0\System32\vsconfig.xml

O44 - LFC:Last File Created 25/10/2009 - 15:54:13 ---A- C:\WINDOWS.0\wiaservc.log

O44 - LFC:Last File Created 25/10/2009 - 15:54:18 ---A- C:\WINDOWS.0\wiadebug.log

O44 - LFC:Last File Created 25/10/2009 - 15:54:51 ---A- C:\WINDOWS.0\0.log

O44 - LFC:Last File Created 25/10/2009 - 15:55:03 ---A- C:\WINDOWS.0\WindowsUpdate.log

O44 - LFC:Last File Created 25/10/2009 - 20:34:08 ---A- C:\WINDOWS.0\System32\NvApps.xml

 

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 15:55:06 ---A- C:\WINDOWS.0\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 15:55:14 ---A- C:\WINDOWS.0\Prefetch\WUAUCLT.EXE-2A481492.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 15:59:01 ---A- C:\WINDOWS.0\Prefetch\ZLCLIENT.EXE-1C550EB2.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 15:59:04 ---A- C:\WINDOWS.0\Prefetch\AVGNT.EXE-200FEF40.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 15:59:13 ---A- C:\WINDOWS.0\Prefetch\TEATIMER.EXE-1F57E47A.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 15:59:18 ---A- C:\WINDOWS.0\Prefetch\STARTCLOCK.EXE-172B6EFF.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 16:20:52 ---A- C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-41A2C50F.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 18:12:10 ---A- C:\WINDOWS.0\Prefetch\FIREFOX.EXE-28641590.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 18:12:12 ---A- C:\WINDOWS.0\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 18:37:41 ---A- C:\WINDOWS.0\Prefetch\FOXIT READER.EXE-35492E0C.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 19:03:56 ---A- C:\WINDOWS.0\Prefetch\WINWORD.EXE-29F5CB89.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 19:04:09 ---A- C:\WINDOWS.0\Prefetch\WKDSTORE.EXE-397D96EA.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 19:04:17 ---A- C:\WINDOWS.0\Prefetch\SOFFICE.BIN-01E25E9C.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 19:04:25 ---A- C:\WINDOWS.0\Prefetch\SOFFICE.EXE-358D937C.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 19:04:25 ---A- C:\WINDOWS.0\Prefetch\SWRITER.EXE-38A9F6BD.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:01:35 ---A- C:\WINDOWS.0\Prefetch\Layout.ini

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:01:38 ---A- C:\WINDOWS.0\Prefetch\DEFRAG.EXE-245E7C36.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:01:38 ---A- C:\WINDOWS.0\Prefetch\DFRGNTFS.EXE-06B2B128.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:17:59 ---A- C:\WINDOWS.0\Prefetch\HELPSVC.EXE-2355E80E.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:12 ---A- C:\WINDOWS.0\Prefetch\WGATRAY.EXE-16143D01.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:13 ---A- C:\WINDOWS.0\Prefetch\USERINIT.EXE-383233FB.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:13 ---A- C:\WINDOWS.0\Prefetch\WMIPRVSE.EXE-235CEA97.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:14 ---A- C:\WINDOWS.0\Prefetch\EXPLORER.EXE-1B701634.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:17 ---A- C:\WINDOWS.0\Prefetch\CTFMON.EXE-0FA9A932.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:17 ---A- C:\WINDOWS.0\Prefetch\JUSCHED.EXE-25206883.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:20 ---A- C:\WINDOWS.0\Prefetch\IMAPI.EXE-280F6872.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:34:25 ---A- C:\WINDOWS.0\Prefetch\WLMAIL.EXE-16F261CF.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:35:44 ---A- C:\WINDOWS.0\Prefetch\UPDCLIENT.EXE-2C18D9E5.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:37:10 ---A- C:\WINDOWS.0\Prefetch\WSCNTFY.EXE-0471F4D2.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:37:20 ---A- C:\WINDOWS.0\Prefetch\TU_LOGONUI.EXE-1BF27674.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:37:25 ---A- C:\WINDOWS.0\Prefetch\CSRSS.EXE-2ECE5C41.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:37:34 ---A- C:\WINDOWS.0\Prefetch\WINLOGON.EXE-361E37F2.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:40:07 ---A- C:\WINDOWS.0\Prefetch\VERCLSID.EXE-168106D2.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:40:08 ---A- C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-175AB5D7.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:40:09 ---A- C:\WINDOWS.0\Prefetch\RUNDLL32.EXE-1F460527.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:54:13 ---A- C:\WINDOWS.0\Prefetch\AVWSC.EXE-0283F9DD.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:54:30 ---A- C:\WINDOWS.0\Prefetch\MBAM.EXE-0BEE0439.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:54:47 ---A- C:\WINDOWS.0\Prefetch\NOTEPAD.EXE-0E7B88BB.pf

O45 - LFCP:Last File Created Prefetch 25/10/2009 - 20:56:40 ---A- C:\WINDOWS.0\Prefetch\ZHPDIAG.EXE-0180118E.pf

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

---\\ Export de clé d'application autorisée (ECAA)(O47)

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS.0\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS.0\System32\scecli.dll

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys

O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\Wdf01000.sys

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

 

---\\ Trojan Driver Search Data (TDSD) (O52)

O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"

O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"

O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"

O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="msh263.drv"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"

O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"

O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"

O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"

O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"

O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"

O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"

O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS.0\system32\iac25_32.ax"

O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"

O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS.0\system32\l3codeca.acm"

O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"

O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"

O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"midi2"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"midi3"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"

O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"

O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"

O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio Codec"

O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"

O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS.0\system32\iac25_32.ax"="Indeo® audio software"

O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"

O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS.0\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"

O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"

O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Vidéo WDM pour le pilote de capture Windows (Win32)"

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\1394bus.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\acpi.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\acpiec.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\aec.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\afc.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\afd.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\AFS2K.SYS

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\amdk6.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\amdk7.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\arp1394.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\asyncmac.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\atapi.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\atmarpc.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\atmepvc.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\atmlane.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\atmuni.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\audstub.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\avgntdd.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\avgntflt.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\avgntmgr.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\avipbb.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\beep.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\bridge.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\cbidf2k.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\ccdcmb.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\ccdcmbo.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\CCDECODE.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\cdaudio.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\cdfs.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\cdrom.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\cinemst2.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\classpnp.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\cpqdap01.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\crusoe.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\disk.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\diskdump.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\dmboot.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\dmio.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\dmload.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\DMusic.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\drmk.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\drmkaud.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\dxapi.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\dxg.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\dxgthk.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\enum1394.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\fastfat.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\fdc.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\fips.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\flpydisk.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\fltMgr.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\fsvga.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\fs_rec.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\ftdisk.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\gameenum.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\hdaudbus.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\hidclass.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\hidparse.sys

O58 - SDL:System Drivers List - C:\WINDOWS.0\system32\drivers\hidusb.sys


---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: Dial-a-fix

 

---\\ Liste des services Legacy (LALS) (O64)


End of the scan: 1602 lines

Edited by Eku28

Posted

Good evening,

Look in Add/Remove Programs to see whether you find Ask Search, and uninstall it.

Otherwise, go to this folder: C:\Program Files\AskSearch

Open it and look for the file Uninstall.exe; then run it, which should uninstall the obnoxious search engine.

Next:

Download HijackThisV2 into a new folder created on C:\ and name it HJT.

  • Double-click HJTInstall.exe and follow the installation instructions.
    --> On VISTA: right-click / Run as administrator
  • You will find a tutorial for installing it and generating a report here
  • Launch it, accept the warning message, then click Do a system scan and save a logfile.
  • At the end of the scan, Notepad will open. Copy and paste all of its contents here in your reply.
  • Post the generated report on the forum.

@++

Posted

Good evening Apollo,

Thanks for your help.

OK, uninstalled with the Windows "Add/Remove Programs" module.

Apparently this remains: a "bin" folder containing "DefaultSearch.dll".

Have a good evening.

Here is the requested report.


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:17:47, on 26/10/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS.0\System32\smss.exe

C:\WINDOWS.0\system32\winlogon.exe

C:\WINDOWS.0\system32\services.exe

C:\WINDOWS.0\system32\lsass.exe

C:\WINDOWS.0\system32\nvsvc32.exe

C:\WINDOWS.0\system32\svchost.exe

C:\WINDOWS.0\System32\svchost.exe

C:\WINDOWS.0\system32\svchost.exe

C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe

C:\WINDOWS.0\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS.0\system32\IoctlSvc.exe

C:\WINDOWS.0\system32\svchost.exe

C:\WINDOWS.0\System32\TUProgSt.exe

C:\WINDOWS.0\system32\winlogon.exe

C:\WINDOWS.0\Explorer.EXE

C:\WINDOWS.0\system32\wscntfy.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\StartClock\StartClock.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\OpenOffice.org 3\program\swriter.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Global Startup: StartClock.lnk = C:\Program Files\StartClock\StartClock.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1250106993625

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1256071896750

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS.0\system32\IoctlSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS.0\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS.0\System32\TUProgSt.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe

 

--

End of file - 6791 bytes

Posted

Good evening,

OTM

Download OTM by OldTimer to your Desktop by clicking this link:

OTM

  • Double-click OTM.exe to launch it (the .exe extension may not be shown)

    ---> under VISTA: right-click: Run as administrator.

    Make sure the Unregister Dll's and OCX's.exe box is checked!

  • Copy the entire code below (starting from :Processes)
    :Processes
    
    explorer.exe
    
    :Files
    
    c:\program files\asksearch\bin\defaultsearch.dll
    c:\program files\asksearch
    
    
    :Reg
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
    "{C94E154B-1459-4A47-966B-4B843BEFC7DB}"=-
    
    
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


     

  • Paste this code into the yellow area of OtMoveIt3 titled:
    "Paste Instructions for Items to be Moved"

  • Click the Moveit! button to start the cleanup.

  • Copy and paste into your next reply everything in the Results window
    --> A report will be generated in the folder C:\ _OTMoveIt\MovedFiles with the date and time the tool was run (mmddyyyy_hhmmss.log)
  • Close OTM by clicking Exit.

Note: If a file or folder cannot be deleted directly, the tool may ask for a reboot to finish the process. In that case, click "Yes" to accept.

*** The tool will finish its work after the PC reboots and will then provide its report; copy/paste it into your reply please.

 

@++

Posted

Good evening Apollo,

Here is the requested report.

 

@ +

 

- - - - -

 

All processes killed

========== PROCESSES ==========

No active process named explorer.exe was found!

========== FILES ==========

c:\program files\asksearch\bin\DefaultSearch.dll unregistered successfully.

c:\program files\asksearch\bin\DefaultSearch.dll moved successfully.

c:\program files\AskSearch\bin moved successfully.

c:\program files\AskSearch moved successfully.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrateur

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: All Users

 

User: All Users.WINDOWS.0

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User.WINDOWS.0

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: eMule_Secure

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: LocalService

->Temp folder emptied: 65984 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: LocalService.AUTORITE NT

->Temp folder emptied: 65984 bytes

File delete failed. C:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Mamounette.PROPRIETAIRE

->Temp folder emptied: 38735730 bytes

->Temporary Internet Files folder emptied: 113068635 bytes

->Java cache emptied: 27831593 bytes

->FireFox cache emptied: 45206753 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: NetworkService.AUTORITE NT

->Temp folder emptied: 0 bytes

File delete failed. C:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Papounet

->Temp folder emptied: 16384 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Papounet.PROPRIETAIRE

->Temp folder emptied: 710831762 bytes

->Temporary Internet Files folder emptied: 322702798 bytes

->Java cache emptied: 25503138 bytes

->FireFox cache emptied: 40951157 bytes

 

User: Taranis

->Temp folder emptied: 1136 bytes

->Temporary Internet Files folder emptied: 7783471 bytes

->Java cache emptied: 17990574 bytes

->FireFox cache emptied: 45682246 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2351795 bytes

%systemroot%\System32 .tmp files removed: 3072 bytes

File delete failed. C:\WINDOWS.0\temp\ZLT0045c.TMP scheduled to be deleted on reboot.

File delete failed. C:\WINDOWS.0\temp\ZLT062f5.TMP scheduled to be deleted on reboot.

Windows Temp folder emptied: 1507 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 1334,28 mb

 

 

OTM by OldTimer - Version 3.0.0.6 log created on 10272009_173628

 

Files moved on Reboot...

C:\WINDOWS.0\temp\ZLT0045c.TMP moved successfully.

C:\WINDOWS.0\temp\ZLT062f5.TMP moved successfully.

 

Registry entries deleted on Reboot...

Posted

Good evening,

Your PC really needed its temporary files cleared out; just look at the amount of space freed on the hard disk:

Total Files Cleaned = 1334,28 mb

Launch OTM and click Cleanup! That will uninstall it.

Check whether you have updates to install here:

http://theknitter-apollo.xooit.com/p17644.htm

How is the PC behaving?

Once these updates are done, please post a new HijackThis log.

 

@++

Posted

Good evening Apollo,

Update of "Java" = OK

Update of "flash player" = OK

Adobe Reader, I don't use it.

One remark caught my attention:

Your PC really needed its temporary files cleared out; just look at the amount of space freed on the hard disk:

Quote: Total Files Cleaned = 1334,28 mb

Before running ZHPDiag, I did a cleanup with Tune Up Utilities in my administrator session.

Should I run the cleanups in safe mode, or is TUU rubbish?

Here is the requested report:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:58:16, on 27/10/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS.0\System32\smss.exe

C:\WINDOWS.0\system32\winlogon.exe

C:\WINDOWS.0\system32\services.exe

C:\WINDOWS.0\system32\lsass.exe

C:\WINDOWS.0\system32\nvsvc32.exe

C:\WINDOWS.0\system32\svchost.exe

C:\WINDOWS.0\System32\svchost.exe

C:\WINDOWS.0\system32\svchost.exe

C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe

C:\WINDOWS.0\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS.0\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS.0\system32\IoctlSvc.exe

C:\WINDOWS.0\system32\svchost.exe

C:\WINDOWS.0\System32\TUProgSt.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS.0\system32\wscntfy.exe

C:\Program Files\StartClock\StartClock.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Global Startup: StartClock.lnk = C:\Program Files\StartClock\StartClock.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.0\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1250106993625

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1256071896750

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS.0\system32\IoctlSvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS.0\System32\TuneUpDefragService.exe

O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS.0\System32\TUProgSt.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS.0\system32\ZoneLabs\vsmon.exe

 

--

End of file - 6185 bytes
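
Added example (not part of any post in this thread, and not a tool used by the helper): a small Python script that compares two HijackThis logs entry by entry, using lines excerpted from the two logs posted above. It shows that the AskSearch R3 URLSearchHook entry was not removed but now points to `(no file)`, while the old Java `ssv.dll` entries are gone; the names `parse` and `diff` are this example's own.

```python
import re

# Excerpts copied from the two HijackThis logs posted in this thread
# (first: 26/10/2009, before OTM; second: 27/10/2009, after OTM and the updates).
BEFORE = r"""
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
"""
AFTER = r"""
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
"""

# A log entry is "<letter><number> - <body>"; headers and process paths do not match.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_MARKER = "(no file)"  # the marker visible in the second log of this thread


def parse(log):
    """Map each entry to its target.

    Entries carrying a CLSID are keyed by (section, kind, CLSID) so that the
    same registration is recognised even when its display name or file changes.
    Other entries are keyed by their full text.
    """
    entries = {}
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # blank line, header, or running-process path
        section, body = m.groups()
        clsid = CLSID.search(body)
        if clsid:
            kind = body.split(":", 1)[0]              # e.g. "BHO", "URLSearchHook"
            key = (section, kind, clsid.group(0).upper())
            target = body[clsid.end():].lstrip(" -")   # text after the CLSID
        else:
            key = (section, "", body)
            target = ""
        entries[key] = target
    return entries


def diff(before, after):
    """Compare two logs: what disappeared, appeared, changed, or is orphaned."""
    b, a = parse(before), parse(after)
    return {
        "removed": sorted(k for k in b if k not in a),
        "added": sorted(k for k in a if k not in b),
        "changed": sorted(k for k in a if k in b and a[k] != b[k]),
        "orphaned": sorted(k for k in a if a[k] == ORPHAN_MARKER),
    }


if __name__ == "__main__":
    for status, keys in diff(BEFORE, AFTER).items():
        for section, kind, ident in keys:
            print(f"{status:9} {section} {kind} {ident}")
```

An entry listed under `orphaned` means the file is gone but the registration that referenced it is still present and still needs to be cleaned up.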

Posted

Good evening,

I would be careful not to say that TUU is "rubbish", but it does indeed seem that it does not properly clean the temp folders and unneeded files.

For that, you can use a small utility that will handle it very well and that is a perfect complement to CCleaner, for example.

Download ATF Cleaner by Atribune.

  • Install it on the desktop. (Worth keeping, as it is very useful after every browsing session)

    Double-click ATF-Cleaner.exe to launch the program.
    --> Under Vista: right-click / Run as administrator.

    Under the Main tab, choose: Select All
    Click the Empty Selected button

If you use the Firefox browser:

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

If you use the Opera browser:

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button
    NOTE: If you want to keep your saved passwords, click No at the prompt.

Click Exit, in the main menu, to close the program.

For technical support, double-click the e-mail address located at the bottom of each menu.

Is the PC OK?

Enjoy the rest of your evening. :P

Posted

Good evening Apollo,

I would be careful not to say that TUU is "rubbish", but it does indeed seem that it does not properly clean the temp folders and unneeded files.

I may have been a bit harsh in what I said about TUU, but when you put some "Tune" (cash) into a program you like it to work properly.

Then again, I used to use CCleaner and ran into the same problem of incomplete cleaning unless I went through each user session. The problem may be the same.

I have downloaded ATF Cleaner and am running it. Afterwards, I will run a scan with MalwareByteAntimalware and Antivir and post the reports if there is anything interesting.

Thanks for your help.

See you later

Posted

Good evening again Apollo,

Here is a summary of the two scans. Infected?

Apart from that, the PC is working well. I just realized that I never answer that question.

Thanks for your help.

See you later

The one from MBMA:

"Malwarebytes' Anti-Malware 1.41

Version de la base de données: 3055

Windows 5.1.2600 Service Pack 3

 

29/10/2009 19:40:04

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)

Eléments examinés: 241504

Temps écoulé: 1 hour(s), 13 minute(s), 25 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 1

Elément(s) de données du Registre infecté(s):

HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> No action taken.

Fichier(s) infecté(s):

C:\Documents and Settings\Taranis\Application Data\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> No action taken."

 

The one from Antivir:

"Avira AntiVir Personal

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : PROPRIETAIRE

 

C:\System Volume Information\_restore{8EF2E3B0-7EBC-4662-925E-57863B1D1DE9}\RP77\A0016731.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to '4b19fbf8.qua'!

The scan has been done completely.

 

9058 Scanned directories

338321 Files were scanned

1 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

1 Files were moved to quarantine

0 Files were renamed

1 Files cannot be scanned

338319 Files not concerned

2694 Archives were scanned

1 Warnings

2 Notes

36267 Objects were scanned with rootkit scan

0 Hidden objects were found"
