Encore un ordi conteminer sa urge

Salut,


plusieurs infections ...  


/!\ Pour le bon déroulement de la désinfection :
* Ne pas utiliser ce PC autrement que pour venir ici poursuivre la désinfection .
* N'entreprends rien avec le PC sans mon autorisation et suis à la lettre les procédures qui vont suivre .
* Prends bien connaisance de l'ensemble de ces procédures avant de te lancer .
* Si tu as un quelconque problème n'hésite pas à m'en faire part ( évite les prises de décision hasardeuses ).



Commence par ceci pour avoir un diagnostique plus précis du PC :


1- Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau :

-> http://telechargement.zebulon.fr/zhpdiag.html


!! déconnecte toi et ferme toutes tes applications en cours !!

> double-clique sur "ZHPDiag.exe" pour lancer l'installation de l'outil et laisse toi guider ( ne modifie pas les paramètres d'installe et coche bien la case "créer une icone sur le bureau" afin d'avoir les raccourcis "ZHPDiag" et "ZHPFix" ) .

> Lance ZHPDiag depuis le raccourci du bureau .

> Une fois ZHPDiag ouvert, clique sur le bouton "option" en haut sur la droite .
( celui avec le tournevis )

Une liste apparait dans l'encadré principal > vérifie que toutes les lignes soient bien cochées sauf les 045 et 061 ( important ! ) .

> Puis clique sur le bouton de "la loupe" ( en haut à gauche ) pour lancer le scan .


Laisses travailler l'outil ...


> Une fois terminé , le rapport s'affiche : clique sur bouton "disquette" pour sauvegarder le rapport obtenu ...

Enregistre bien ZHPDiag.txt de façon à le retrouver facilement ( sur le bureau par exemple ).

( Sinon le rapport sera en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag)

Puis ferme le programme ...


> rends toi ensuite sur ce site : http://www.cijoint.fr/

Clique sur "parcourir" et va jusqu'au rapport que tu as sauvegardé .
Clique ensuite sur "cliquer ici pour déposer le fichier" et patiente ...
Une fois l'upload finit , un lien apparait > copie/colle le dans ta prochaine réponse stp ....


====================


2- Lance de nouveau ZHPDiag ,

!! déconnecte toi et ferme toutes tes applications en cours !!

* Tu vas faire une " analyse détaillée/MD5 " en procédant ainsi :

> tu cliques cette fois ci sur le bouton " dossier+loupe " ( en haut à droite ) pour lancer le scan.


Laisse travailler l'outil et ne touche à rien ( cela peut-être relativement long ) .


* Une fois terminé , le rapport s'affiche : clique sur bouton "disquette" pour sauvegarder le rapport obtenu ...

Enregistre le de façon à le retrouver facilement ( sur le bureau par exemple ).

* Fais moi parvenir ce rapport via " Cijoint " dans ta prochaine réponse pour analyse ...

Rapport de ZHPDiag v1.24.34 par Nicolas Coolman
Run by JUNG at 28/11/2009 13:15:00
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.h...
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v8.0.6001.18702

Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (66% free)
System drive C: has 134 GB (59%) free of 225 GB

---\\ Processus lancés
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Logitech\Video\InstallHelper.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\ManifestEngine.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [SGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe
O4 - HKLM\..\Run: [FBSearch] C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Notification de cadeaux MSN.lnk - C:\Documents and Settings\JUNG\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll,103
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File - C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File - C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File - C:\Program Files\Bonjour\mdnsNSP.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} () - http://srtest-cdn.systemrequirementslab.com.s3.amazonaw...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opdata/layout/default01/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: bw+0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw+0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw-0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw-0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw00 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw00s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw10 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw10s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw20 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw20s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw30 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw30s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw40 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw40s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw50 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw50s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw60 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw60s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw70 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw70s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw80 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw80s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw90 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bw90s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwa0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwa0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwb0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwb0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwc0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwc0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwd0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwd0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwe0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwe0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwf0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwf0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Handler: bwg0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwg0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwh0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwh0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwi0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwi0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwj0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwj0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwk0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwk0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwl0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwl0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwm0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwm0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwn0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwn0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwo0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwo0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwp0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwp0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwq0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwq0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwr0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwr0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bws0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bws0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwt0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwt0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwu0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwu0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwv0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwv0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bww0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bww0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwx0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwx0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwy0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwy0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwz0 - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: bwz0s - {e45a8949-43ed-407e-b131-b14f777634ce} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: offline-8876480 - {E45A8949-43ED-407E-B131-B14F777634CE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service
O23 - Service: Logitech Process Monitor (LVPrcSrv) - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SeaPort (SeaPort) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\HPpromotions journeysoftware.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{FAC467BB-3E02-458E-9C34-F71A795C4E92}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: (no name) - {063007AA-6453-8C98-C5BB-372B4CD1E64B} - C:\WINDOWS\damnsd\kdtv21.exe s
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP E /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: Microsoft DirectX - {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Mise à jour de sécurité pour Windows XP (KB923789) - {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Web Folders - {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file)
O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx
O40 - ASIC: Microsoft .NET Framework 1.1 Security Update (KB953297) - {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - (not file)
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: bdftdif (bdftdif) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys
O41 - Driver: Pilote de CD-ROM (Cdrom) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de filtre de gravure CD (Imapi) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: Pilote de processeur Intel (intelppm) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: Pilote de la classe Clavier (Kbdclass) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote HID de clavier (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Pilote de la classe Souris (Mouclass) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (no object) (RDPCDD) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (no object) (VgaSave) - C:\WINDOWS\System32\drivers\vga.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1)
O42 - Logiciel: Adobe Download Manager
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Apple Application Support
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Audacity 1.2.6
O42 - Logiciel: BitDefender Total Security 2009
O42 - Logiciel: Bonjour
O42 - Logiciel: DVD Suite
O42 - Logiciel: EVEREST Home Edition v2.20
O42 - Logiciel: FUJIFILM USB Driver
O42 - Logiciel: Fast Browser Search (My Tattoons)
O42 - Logiciel: Fraps
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: HP Extended Capabilities 4.7
O42 - Logiciel: HP Image Zone 4.7
O42 - Logiciel: HP PSC & OfficeJet 4.7
O42 - Logiciel: HP Product Detection
O42 - Logiciel: HP Software Update
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5)
O42 - Logiciel: ImageMixer VCD2 for FinePix
O42 - Logiciel: Installation Windows Live
O42 - Logiciel: Java(TM) 6 Update 17
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: Lecteur Windows Media 11
O42 - Logiciel: Logiciel QuickCam de Logitech
O42 - Logiciel: Logiciel d'archivage WinRAR
O42 - Logiciel: Logitech Desktop Messenger
O42 - Logiciel: MSVCRT
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: MSXML 4.0 SP2 (KB973688)
O42 - Logiciel: MSXML 6.0 Parser (KB925673)
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297)
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Choice Guard
O42 - Logiciel: Microsoft Games for Windows - LIVE
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
O42 - Logiciel: Microsoft Office Home and Student 2007
O42 - Logiciel: Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
O42 - Logiciel: Microsoft Office Live Add-in 1.3
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (German) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (French) 2007
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
O42 - Logiciel: Microsoft Office Word MUI (French) 2007
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft WSE 3.0 Runtime
O42 - Logiciel: MobileMe Control Panel
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: NVIDIA nView Desktop Manager
O42 - Logiciel: Nero 7 Essentials
O42 - Logiciel: Neuf - Kit de connexion
O42 - Logiciel: Nielsen//NetRatings
O42 - Logiciel: Outil de téléchargement Windows Live
O42 - Logiciel: PowerDVD
O42 - Logiciel: Programme de gestion Camera de Logitech
O42 - Logiciel: QuickTime
O42 - Logiciel: RAW FILE CONVERTER LE
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Search Guard Plus (My Tattoons)
O42 - Logiciel: Search Guard Plus Updater (My Tattoons)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB973704)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB973593)
O42 - Logiciel: Security Update for Microsoft Office OneNote 2007 (KB950130)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234)
O42 - Logiciel: Segoe UI
O42 - Logiciel: System Requirements Lab
O42 - Logiciel: TeamSpeak 2 RC2
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130)
O42 - Logiciel: Windows Internet Explorer 8
O42 - Logiciel: Windows Live Call
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Windows Live Contrôle parental
O42 - Logiciel: Windows Live FolderShare
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows Presentation Foundation
O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA)
O42 - Logiciel: Windows Workflow Foundation FR Language Pack
O42 - Logiciel: World of Warcraft
O42 - Logiciel: Wow Cartographe 1.07
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0
O42 - Logiciel: iTunes

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity
O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\EA SPORTS
O43 - CFD:Common File Directory ----D- C:\Program Files\Electronic Arts
O43 - CFD:Common File Directory ----D- C:\Program Files\Fast Browser Search
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FinePixViewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\HP
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft WSE
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\NetRatingsNetSight
O43 - CFD:Common File Directory ----D- C:\Program Files\Neuf
O43 - CFD:Common File Directory ----D- C:\Program Files\NOS
O43 - CFD:Common File Directory ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\Photocite Collection 4
O43 - CFD:Common File Directory ----D- C:\Program Files\PIXELA
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\REGSHAVE
O43 - CFD:Common File Directory ----D- C:\Program Files\Rockstar Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Rockstar Games Social Club
O43 - CFD:Common File Directory ----D- C:\Program Files\Search Guard Plus
O43 - CFD:Common File Directory ----D- C:\Program Files\Search Guard PlusU
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\SGPSA
O43 - CFD:Common File Directory ----D- C:\Program Files\SystemRequirementsLab
O43 - CFD:Common File Directory ----D- C:\Program Files\Teamspeak2_RC2
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\World of Warcraft
O43 - CFD:Common File Directory ----D- C:\Program Files\WowCartographe
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\BitDefender
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 01/11/2009 - 20:36:34 ---A- C:\WINDOWS\KB954154.log
O44 - LFC:Last File Created 01/11/2009 - 20:37:06 ---A- C:\WINDOWS\KB939683.log
O44 - LFC:Last File Created 01/11/2009 - 20:37:12 ---A- C:\WINDOWS\KB973540.log
O44 - LFC:Last File Created 02/11/2009 - 12:09:23 ---A- C:\WINDOWS\WMFDist11.log
O44 - LFC:Last File Created 02/11/2009 - 12:09:36 ---A- C:\WINDOWS\Wudf01000Inst.log
O44 - LFC:Last File Created 03/11/2009 - 10:13:44 ---A- C:\WINDOWS\spupdsvc.log
O44 - LFC:Last File Created 03/11/2009 - 14:49:21 ---A- C:\WINDOWS\wmsetup.log
O44 - LFC:Last File Created 05/11/2009 - 09:02:16 ---A- C:\WINDOWS\KB976749-IE8.log
O44 - LFC:Last File Created 05/11/2009 - 18:36:21 ---A- C:\WINDOWS\System32\MRT.exe
O44 - LFC:Last File Created 06/11/2009 - 20:24:37 ---A- C:\WINDOWS\System32\deploytk.dll
O44 - LFC:Last File Created 06/11/2009 - 20:24:37 ---A- C:\WINDOWS\System32\java.exe
O44 - LFC:Last File Created 06/11/2009 - 20:24:37 ---A- C:\WINDOWS\System32\javacpl.cpl
O44 - LFC:Last File Created 06/11/2009 - 20:24:38 ---A- C:\WINDOWS\System32\javaw.exe
O44 - LFC:Last File Created 06/11/2009 - 20:24:38 ---A- C:\WINDOWS\System32\javaws.exe
O44 - LFC:Last File Created 10/11/2009 - 23:08:24 ---A- C:\WINDOWS\System32\QuickTime.qts
O44 - LFC:Last File Created 10/11/2009 - 23:08:24 ---A- C:\WINDOWS\System32\QuickTimeVR.qtx
O44 - LFC:Last File Created 11/11/2009 - 20:58:58 ---A- C:\WINDOWS\KB969947.log
O44 - LFC:Last File Created 12/11/2009 - 08:07:56 ---A- C:\WINDOWS\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 16/11/2009 - 20:18:25 ---A- C:\WINDOWS\System32\BDUpdateV1.xml
O44 - LFC:Last File Created 17/11/2009 - 18:28:06 ---A- C:\WINDOWS\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 17/11/2009 - 18:28:06 ---A- C:\WINDOWS\System32\perfc009.dat
O44 - LFC:Last File Created 17/11/2009 - 18:28:06 ---A- C:\WINDOWS\System32\perfc00C.dat
O44 - LFC:Last File Created 17/11/2009 - 18:28:06 ---A- C:\WINDOWS\System32\perfh009.dat
O44 - LFC:Last File Created 17/11/2009 - 18:28:06 ---A- C:\WINDOWS\System32\perfh00C.dat
O44 - LFC:Last File Created 21/11/2009 - 21:01:13 --HA- C:\WINDOWS\System32\mlfcache.dat
O44 - LFC:Last File Created 25/11/2009 - 20:55:05 ---A- C:\WINDOWS\msxml4-KB973688-enu.LOG
O44 - LFC:Last File Created 25/11/2009 - 20:55:25 ---A- C:\WINDOWS\updspapi.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:32 ---A- C:\WINDOWS\KB973687.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:32 ---A- C:\WINDOWS\imsins.BAK
O44 - LFC:Last File Created 25/11/2009 - 20:55:38 ---A- C:\WINDOWS\FaxSetup.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:38 ---A- C:\WINDOWS\msgsocm.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:38 ---A- C:\WINDOWS\setupapi.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\KB976098-v2.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\System32\TZLog.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\comsetup.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\iis6.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\imsins.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\ntdtcsetup.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\ocgen.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\ocmsn.log
O44 - LFC:Last File Created 25/11/2009 - 20:55:39 ---A- C:\WINDOWS\tsoc.log
O44 - LFC:Last File Created 27/11/2009 - 19:35:32 ---A- C:\WINDOWS\System32\CmdLineExt03.dll
O44 - LFC:Last File Created 27/11/2009 - 20:11:08 ---A- C:\WINDOWS\setuperr.log
O44 - LFC:Last File Created 28/11/2009 - 09:54:28 ---A- C:\WINDOWS\setupact.log
O44 - LFC:Last File Created 28/11/2009 - 10:43:48 ---A- C:\WINDOWS\SchedLgU.Txt
O44 - LFC:Last File Created 28/11/2009 - 10:43:48 ---A- C:\WINDOWS\System32\bdod.bin
O44 - LFC:Last File Created 28/11/2009 - 10:50:34 ---A- C:\WINDOWS\System32\wpa.dbl
O44 - LFC:Last File Created 28/11/2009 - 12:50:14 ---A- C:\WINDOWS\System32\drivers\lvuvc.hs
O44 - LFC:Last File Created 28/11/2009 - 12:50:18 -S-A- C:\WINDOWS\bootstat.dat
O44 - LFC:Last File Created 28/11/2009 - 12:50:28 ---A- C:\WINDOWS\System32\NvApps.xml
O44 - LFC:Last File Created 28/11/2009 - 12:50:58 ---A- C:\WINDOWS\wiaservc.log
O44 - LFC:Last File Created 28/11/2009 - 12:51:00 ---A- C:\WINDOWS\0.log
O44 - LFC:Last File Created 28/11/2009 - 12:51:00 ---A- C:\WINDOWS\wiadebug.log
O44 - LFC:Last File Created 28/11/2009 - 12:52:06 ---A- C:\WINDOWS\WindowsUpdate.log
O44 - LFC:Last File Created 31/10/2009 - 13:33:49 ---A- C:\WINDOWS\wmsetup10.log
O44 - LFC:Last File Created 31/10/2009 - 13:38:51 ---A- C:\WINDOWS\System32\amcompat.tlb
O44 - LFC:Last File Created 31/10/2009 - 13:38:51 ---A- C:\WINDOWS\System32\nscompat.tlb
O44 - LFC:Last File Created 31/10/2009 - 13:59:49 ---A- C:\WINDOWS\NeroDigital.ini
O44 - LFC:Last File Created 31/10/2009 - 18:43:14 ---A- C:\WINDOWS\wmp11.log

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:* isabled:Logitech Desktop Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
O47 - AAKE:Key Export DP - "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\Wdf01000.sys

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.I420"="lvcodec2.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax"
O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.LEAD"="LCODCCMP.DLL"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo"="vfwwdm32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.VP60"="C:\WINDOWS\system32\vp6vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.VP61"="C:\WINDOWS\system32\vp6vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"msacm.lhacm"="lhacm.acm"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.FPS1"="frapsvid.dll"
O52 - TDSD:HKLM\...\drivers.desc\"msaud32.acm"="Windows Media Audio"
O52 - TDSD:HKLM\...\drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software"
O52 - TDSD:HKLM\...\drivers.desc\"ir50_32.dll"="Indeo® video 5.10"
O52 - TDSD:HKLM\...\drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="Vidéo WDM pour le pilote de capture Windows (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)"
O52 - TDSD:HKLM\...\drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel"
O52 - TDSD:HKLM\...\drivers.desc\"vp6vfw.dll"="EA VP6 Codec"
O52 - TDSD:HKLM\...\drivers.desc\"lhacm.acm"="lhacm.acm"
O52 - TDSD:HKLM\...\drivers.desc\"frapsvid.dll"="Fraps Video Decompressor"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\1394bus.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\acpiec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\aec.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk6.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\arp1394.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmarpc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmepvc.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmlane.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\atmuni.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\audstub.sys
O58 - SDL:System Drivers List - C:\WINDOWS\system32\drivers\bdasup.sys
O58 - SDL:System Drivers List - C:\WIND

re,


le rapport n'est pas complet ... il est trop lourd pour le forum ... c'est pour cela que je demande d'utiliser le site d'uplaod "Cijoint" ...

Donc fait moi parvenir ce rapport ainsi que l'autre que j'ai demandé en utilisant "Cijoint" ... merci ...

 

http://www.cijoint.fr/cjlink.php?file=cj200911/cijWdgSk...

mais j'ai pas l'autre je demanderais sa dés que possible

re,



?... commença "demanderais" ... ce n'est pas ton PC ? ....



en attendant d'avoir l'autre rapport , la suite :



1- Utilisation de l'outil ZHPFix :

> Lance ZHPFix depuis le raccouci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal ( qui est vierge ), copie/colle tout le texte qui se trouve sur cette page ( et rien d'autre ! ) :

> http://cjoint.com/?lCreX0ET3H


Vérifie bien que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

* Puis clique sur le bouton [ OK ] .
> à ce moment là , il apparaitra au début de chaque ligne une petite case vide . Ne touche plus à rien !

!! Déconnecte toi, désactive tes défenses ( anti-virus,anti-spyware ) et ferme bien toutes autres applications ( navigateurs compris ) !!


* Clique sur le bouton [ Tous ] . Vérifies que toutes les lignes soient bien cochées .

* Enfin clique sur le bouton [ Nettoyer ] .


-> laisse travailler l'outil et ne touche à rien ...


-> Si il t'est demandé de redémarrer le PC pour finir le nettoyage , fais le !

Une fois terminé , un nouveau rapport s'affiche : poste le contenu de ce dernier dans ta prochaine réponse ...

( ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt )

Pense à réactiver tes défenses !...


====================


2- Refais un scan ZHPDiag, coche bien toutes les options ( sauf la 045 et 061 ), poste le nouveau rapport obtenu ( via Cijoint ) pour analyse et attends la suite ...