Forum-vista : Entraide et dépannage Windows Vista et Windows Seven

bonjour,

voici un rapport de la toute nouvelle version de zeb Help Process
Merci à qui pourrait me donner son analyse

Zeb Help Process v2.32.1 by Nicolas Coolman - Rapport Général du 07/11/2008 11:19:53

Rapport de ZHPDiag v1.1.3.7 par Nicolas Coolman
Enregistré le 07/11/2008 11:14:43
Platform : Windows Vista Home Premium (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000

---\\ Processus lancés
%ProgramFiles%\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
RtHDVCpl.exe
Skytel.exe
C:\Windows\ehome\ehTray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
%windir%\system32\svchost.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

---\\ Modification d'une valeur System.ini (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.acer.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Program Files\CoreStreet\SpoofStick\SpoofStickBHO.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: 1 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Program Files\CoreStreet\SpoofStick\SpoofStick.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: inetcpl.cpl=no

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwarede ... _0_3_4.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

---\\ Clé de Registre autorun SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira Premium Security Suite Pare-feu (AntiVirFirewallService) - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Planificateur Avira Premium Security Suite (AntiVirScheduler) - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Service d'assistance Avira Premium Security Suite MailGuard (AVEService) - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: eLock Service (eLockService) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service (eNet Service) - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService (MobilityService) - C:\Acer\Mobility Center\MobilityService.exe -p
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: ePower Service (WMIService) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SA.DAT
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SCHEDLGU.TXT

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: (no name) - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10a.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Atheros Extensible Wireless LAN device driver (athr) - C:\WINDOWS\system32\DRIVERS\athr.sys
O41 - Driver: AvFw Packet Filter Miniport (avfwim) - C:\WINDOWS\system32\DRIVERS\avfwim.sys
O41 - Driver: avfwot (avfwot) - C:\WINDOWS\system32\DRIVERS\avfwot.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\Avira Premium Security Suite\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\Avira Premium Security Suite\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Pilote pour Batterie à méthode de contrôle ACPI Microsoft (CmBatt) - C:\WINDOWS\system32\DRIVERS\CmBatt.sys
O41 - Driver: Dritek Keyboard Filter Driver (DKbFltr) - C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Intel PRO/1000 NDIS 6 Adapter Driver (E1G60) - C:\WINDOWS\system32\DRIVERS\E1G60I32.sys
O41 - Driver: ENE CIR Receiver (enecir) - C:\WINDOWS\system32\DRIVERS\enecir.sys
O41 - Driver: Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio (HdAudAddService) - C:\WINDOWS\system32\drivers\HdAudio.sys
O41 - Driver: (no object) (HSFHWAZL) - C:\WINDOWS\system32\DRIVERS\VSTAZL3.SYS
O41 - Driver: (no object) (HSF_DPV) - C:\WINDOWS\system32\DRIVERS\VSTDPV3.SYS
O41 - Driver: int15 (int15) - C:\Acer\Empowering Technology\eRecovery\int15.sys
O41 - Driver: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHDA.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote d’E/S du mappage de découverte de topologie de la couche de liaison (lltdio) - C:\WINDOWS\system32\DRIVERS\lltdio.sys
O41 - Driver: Service Pilote de fonction de classe Moniteur Microsoft (monitor) - C:\WINDOWS\system32\DRIVERS\monitor.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Filtre NativeWiFi (NativeWifiP) - C:\WINDOWS\system32\DRIVERS\nwifi.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: Upper Class Filter Driver (NTIDrvr) - C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
O41 - Driver: NVIDIA nForce 10/100/1000 Mbps Ethernet (NVENETFD) - C:\WINDOWS\system32\DRIVERS\nvmfdx32.sys
O41 - Driver: (no object) (nvlddmkm) - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
O41 - Driver: (no object) (nvsmu) - C:\WINDOWS\system32\DRIVERS\nvsmu.sys
O41 - Driver: Miniport réseau étendu WAN (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu WAN (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - C:\WINDOWS\system32\DRIVERS\rassstp.sys
O41 - Driver: (no object) (rimmptsk) - C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
O41 - Driver: (no object) (rimsptsk) - C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
O41 - Driver: Ricoh xD-Picture Card Driver (rismxdp) - C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
O41 - Driver: Répondeur de découverte de topologie de la couche de liaison (rspndr) - C:\WINDOWS\system32\DRIVERS\rspndr.sys
O41 - Driver: (no object) (sdbus) - C:\WINDOWS\system32\DRIVERS\sdbus.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: Pilote de protocole IPv6 Microsoft (Tcpip6) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de carte miniport Microsoft Tun (tunmp) - C:\WINDOWS\system32\DRIVERS\tunmp.sys
O41 - Driver: Pilote de carte miniport Microsoft IPv6 Tunnel (tunnel) - C:\WINDOWS\system32\DRIVERS\tunnel.sys
O41 - Driver: Conexant Setup API (UIUSys) - C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: (no object) (vga) - C:\WINDOWS\system32\DRIVERS\vgapnp.sys
O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: (no object) (winachsf) - C:\WINDOWS\system32\DRIVERS\VSTCNXT3.SYS
O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys
O41 - Driver: (no object) (WUDFRd) - C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.60 beta
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Bel Atout 4.20
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Eusing Free Registry Cleaner
O42 - Logiciel: ffdshow [rev 1763] [2008-01-08]
O42 - Logiciel: Foxit Reader
O42 - Logiciel: Free Registry Defrag
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: hpHosts
O42 - Logiciel: NTI Backup NOW! 4.7
O42 - Logiciel: NTI CD & DVD-Maker
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Launch Manager
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: oggcodecs 0.71.0946
O42 - Logiciel: Avira Premium Security Suite
O42 - Logiciel: Revo Uninstaller 1.75
O42 - Logiciel: SpoofStick for Internet Explorer 1.02
O42 - Logiciel: System Requirements Lab
O42 - Logiciel: TopOCR 3.1
O42 - Logiciel: Yahoo! Toolbar avec bloqueur de fenêtres pop-up
O42 - Logiciel: ZebHelpProcess 2.32
O42 - Logiciel: Acer Mobility Center Plug-In
O42 - Logiciel: Acer eLock Management
O42 - Logiciel: OpenOffice.org 3.0
O42 - Logiciel: Paint.NET v3.36
O42 - Logiciel: Acer Crystal Eye webcam
O42 - Logiciel: Acer eAudio Management
O42 - Logiciel: RealSpeak Solo pour la voix francaise Virginie
O42 - Logiciel: Acer ePower Management
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Acer ScreenSaver
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Acer Empowering Technology
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Microsoft Sites publics français
O42 - Logiciel: PowerProducer 3.72
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Acer ePresentation Management
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: Acer eNet Management
O42 - Logiciel: MSXML 4.0 SP2 (KB941833)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Acer eSettings Management
O42 - Logiciel: Acer Crystal Eye Webcam
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Windows Live installer

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Borland Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory - C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\muvee Technologies
O43 - CFD:Common File Directory - C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory - C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Common Files\System
O43 - CFD:Common File Directory - C:\Program Files\Common Files\WindowsLiveInstaller

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\Windows\System32\Faultrep.dll -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\FNTCACHE.DAT -->14/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\ieframe.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\iertutil.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\jsproxy.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mrt.exe -->07/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.tlb -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mstime.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\netapi32.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\ntkrnlpa.exe -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\ntoskrnl.exe -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\NVCOSMB.DLL -->20/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\NVCOSMU.DLL -->21/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvLsp.dll -->08/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvsmb.nvu -->19/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvsmu.nvu -->27/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvuninst.exe -->27/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvusmb.exe -->20/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvusmu.exe -->21/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfc009.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfc00C.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfh009.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfh00C.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\PerfStringBackup.INI -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\tmp.reg -->09/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\tmp.txt -->09/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\urlmon.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wersvc.dll -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\win32k.sys -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\win32spl.dll -->12/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\wininet.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuapi.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuapp.exe -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuauclt.exe -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuaueng.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wucltux.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wudriver.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wups.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wups2.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuwebv.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\athr.sys -->18/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\avipbb.sys -->06/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mbam.sys -->22/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mbamswissarmy.sys -->22/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf -->31/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\nvsmu.sys -->25/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\srv.sys -->27/08/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\7ZG.EXE-0F8C4081.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ACER CRYSTAL EYE WEBCAM.EXE-57133E31.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ACER.EMPOWERING.FRAMEWORK.SUP-54963495.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ADDALIAS.EXE-E50258CE.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-266877213-989904699-3031314254-1000.snp.db -->12/10/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-266877213-989904699-3031314254-1000.snp.db -->20/08/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db.trx -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC2.db -->27/10/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC3_6D864410.db -->12/10/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFaultHistory.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFgAppHistory.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlGlobalHistory.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-266877213-989904699-3031314254-1000.db -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-266877213-989904699-3031314254-1001.db -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-266877213-989904699-3031314254-1000.db -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-266877213-989904699-3031314254-1001.db -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgRobust.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVCENTER.EXE-166F9BBD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVFWSVC.EXE-4F5E532D.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVGNT.EXE-9DE7A975.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVGUARD.EXE-E511DB0F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVNOTIFY.EXE-5083BD95.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVWSC.EXE-606B7021.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\BELATOUT.EXE-19136B85.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CALC.EXE-77FDF17F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CDMKR32.EXE-3BB1E0CC.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CHECKT.EXE-F0583F3F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CSRSS.EXE-3FE41F7E.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-5458ADF9.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DXDIAG.EXE-1F1A4BF5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EAUDIO.EXE-EE0A24DD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EHMSAS.EXE-2D3B2F21.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ENMTRAY.EXE-19B3589B.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EPOWER_DMC.EXE-F199D292.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ERAGENT.EXE-16B8E741.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIREFOX.EXE-CA3DC40A.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIREFOXPORTABLE.EXE-D7BA457B.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FLASHUTIL10A.EXE-F38539B4.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FOXIT READER.EXE-AD4251B5.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GREEDY.EXE-ABAB5DBF.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GUARDGUI.EXE-D6B7C48D.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEUSER.EXE-7C0FE221.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IPCONFIG.EXE-912F3D5B.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\Layout.ini -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LMANAGER.EXE-9D025777.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LOGON.SCR-30601369.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MBLCTR.EXE-29A20134.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MFPMP.EXE-26F35380.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MINIREG.EXE-FB2EAC96.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MMC.EXE-9FDFCD4D.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MOBILITYCENTER.EXE-D203ABDA.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MPAS-D.EXE-40FE95BA.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MPSIGSTUB.EXE-3EA045BF.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSPAINT.EXE-76E10B24.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSWORKS.EXE-494EE618.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PAINTDOTNET.EXE-018D93AD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PERFMON.EXE-E34F662B.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PfSvPerfStats.bin -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-2F4708C9.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PREUPD.EXE-7CA64FC5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\REVOUNINSTALLER.EXE-34C92DCE.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RTKBTMNT.EXE-BD527623.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-623046C7.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-704FC1FF.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-8BCA13E7.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-AAB1BBB5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SCALC.EXE-A77089B3.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SCHED.EXE-8FB11738.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SETUP_WM.EXE-674F654A.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SIDEBAR.EXE-FA75EA61.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SIMPRESS.EXE-2417020B.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SKYTEL.EXE-7920123E.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SMSS.EXE-E9C28FC6.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SOFFICE.BIN-FFFF76B3.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SOFFICE.EXE-0C715DD8.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SWRITER.EXE-8AC04745.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SYSTEMPROPERTIESADVANCED.EXE-68C7C4F0.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-64B3993D.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TWEAKHOSTS.EXE-01E9ADD9.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\UPDATE.EXE-46794DF4.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\USNSVC.EXE-5FE071D8.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\USRREQ.EXE-110148C7.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WARREG_POPUP.EXE-1DD95359.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINCAL.EXE-0681BC65.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINMAIL.EXE-1092D371.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKCALREM.EXE-28FF8702.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKDSTORE.EXE-AC552969.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKSCAL.EXE-CB244E0D.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKSDICT.EXE-4194467F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKSSS.EXE-83F61EE9.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WLLOGINPROXY.EXE-9E0DCEF8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WORDPAD.EXE-D7FD7414.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WRITEACERADAPTERKEY.EXE-C47871BB.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHP2.EXE-2B098B11.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPDIAG.EXE-1A37E1DF.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPDIAG.EXE-8DACDC00.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPL 2.32.1.EXE-986A571F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPL 2.32.1.TMP-2C8CF97E.pf -->07/11/2008

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\Windows\System32\scecli.dll

---\\ Recherche d'infection de Base de Registres (O71)
O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaultname
O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaulturl

Lignes traitées 258/273

Bonjour

Tu as deux lignes dans le registre qui ne sont pas bonnes.

O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaultname => I
O71 - BDRI:[hkcu\software\microsoft\internet explorer\main]:searchmigrateddefaulturl

Fait ceci.

ATTENTION sous vista choisir "Exécuter en tant qu'administrateur"
Clique droit, puis Exécuter en tant qu'administrateur

Télécharger SmitfraudFix

Clique droit sur SmitfraudFix.exe
Sélectionner 1 et pressez Entrée dans le menu pour créer un rapport des fichiers responsables de l'infection.

Le rapport se trouve à la racine du disque système C:\rapport.txt

re,

voici le rapport :

SmitFraudFix v2.373

Scan done at 13:05:56,47, 07/11/2008
Run from C:\Users\Christian\Downloads\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Windows\system32\svchost.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\CHRIST~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

hosts file corrupted !

0.0.0.0 ads.bleepingcomputer.com
0.0.0.0 http://www.ads.bleepingcomputer.com
0.0.0.0 bullguard.com
0.0.0.0 http://www.bullguard.com
0.0.0.0 youngun.castlecops.com
0.0.0.0 http://www.youngun.castlecops.com
0.0.0.0 computing.net
0.0.0.0 securecomputing.net.au
0.0.0.0 http://www.computing.net
0.0.0.0 http://www.securecomputing.net.au
0.0.0.0 dell.com.102.112.2o7.net
0.0.0.0 dell.com.112.2o7.net
0.0.0.0 fix-my-dell.com
0.0.0.0 kevingodell.com
0.0.0.0 landingstrip.dell.com
0.0.0.0 lists.us.dell.com
0.0.0.0 lt.dell.com
0.0.0.0 m.dell.com
0.0.0.0 rhondarydell.com
0.0.0.0 scrooge.arundell.com
0.0.0.0 sm.dell.com
0.0.0.0 teenbordell.com
0.0.0.0 upsdell.com
0.0.0.0 xxx-kellyodell.com
0.0.0.0 http://www.dell.com.102.112.2o7.net
0.0.0.0 http://www.dell.com.112.2o7.net
0.0.0.0 http://www.fix-my-dell.com
0.0.0.0 http://www.kevingodell.com
0.0.0.0 http://www.landingstrip.dell.com
0.0.0.0 http://www.lists.us.dell.com
0.0.0.0 http://www.lt.dell.com
0.0.0.0 http://www.m.dell.com
0.0.0.0 http://www.rhondarydell.com
0.0.0.0 http://www.scrooge.arundell.com
0.0.0.0 http://www.sm.dell.com
0.0.0.0 http://www.teenbordell.com
0.0.0.0 http://www.upsdell.com
0.0.0.0 http://www.xxx-kellyodell.com
0.0.0.0 hk.digitaltrends.com
0.0.0.0 news.digitaltrends.com
0.0.0.0 http://www.hk.digitaltrends.com
0.0.0.0 http://www.news.digitaltrends.com
0.0.0.0 idg.pl
0.0.0.0 p1.idg.pl
0.0.0.0 http://www.idg.pl
0.0.0.0 http://www.p1.idg.pl
0.0.0.0 assets.lockergnome.com
0.0.0.0 channels.lockergnome.com
0.0.0.0 mobile.lockergnome.com
0.0.0.0 http://www.assets.lockergnome.com
0.0.0.0 http://www.channels.lockergnome.com
0.0.0.0 http://www.mobile.lockergnome.com
0.0.0.0 activex.microsoft.com
0.0.0.0 c.microsoft.com
0.0.0.0 codecs.microsoft.com
0.0.0.0 crl.microsoft.com
0.0.0.0 genuine.microsoft.com
0.0.0.0 home.microsoft.com
0.0.0.0 images.metaservices.microsoft.com
0.0.0.0 labmicrosoft.com
0.0.0.0 microsoft.com.org
0.0.0.0 msdownload.microsoft.com
0.0.0.0 onlinestores.metaservices.microsoft.com
0.0.0.0 rad.microsoft.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 serviceswitching.metaservices.microsoft.com
0.0.0.0 shopformusic.microsoft.com
0.0.0.0 sqm.microsoft.com
0.0.0.0 stats.update.microsoft.com
0.0.0.0 statsupdate.microsoft.com.nsatc.net
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 updated-microsoft.com
0.0.0.0 urs.microsoft.com
0.0.0.0 v5stats.windowsupdate.microsoft.com
0.0.0.0 view-microsoft.com
0.0.0.0 watson.microsoft.com
0.0.0.0 wer.microsoft.com
0.0.0.0 winse.microsoft.com
0.0.0.0 wpa.one.microsoft.com
0.0.0.0 http://www.activex.microsoft.com
0.0.0.0 http://www.c.microsoft.com
0.0.0.0 http://www.codecs.microsoft.com
0.0.0.0 http://www.crl.microsoft.com
0.0.0.0 http://www.genuine.microsoft.com
0.0.0.0 http://www.home.microsoft.com
0.0.0.0 http://www.images.metaservices.microsoft.com
0.0.0.0 http://www.labmicrosoft.com
0.0.0.0 http://www.microsoft.com.org
0.0.0.0 http://www.msdownload.microsoft.com
0.0.0.0 http://www.onlinestores.metaservices.microsoft.com
0.0.0.0 http://www.rad.microsoft.com
0.0.0.0 http://www.redir.metaservices.microsoft.com
0.0.0.0 http://www.serviceswitching.metaservices.microsoft.com
0.0.0.0 http://www.shopformusic.microsoft.com
0.0.0.0 http://www.sqm.microsoft.com
0.0.0.0 http://www.stats.update.microsoft.com
0.0.0.0 http://www.statsupdate.microsoft.com.nsatc.net
0.0.0.0 http://www.survey.watson.microsoft.com
0.0.0.0 http://www.updated-microsoft.com
0.0.0.0 http://www.urs.microsoft.com
0.0.0.0 http://www.v5stats.windowsupdate.microsoft.com
0.0.0.0 http://www.view-microsoft.com
0.0.0.0 http://www.watson.microsoft.com
0.0.0.0 http://www.wer.microsoft.com
0.0.0.0 http://www.winse.microsoft.com
0.0.0.0 http://www.wpa.one.microsoft.com
0.0.0.0 virusinfo.prevx.com
0.0.0.0 http://www.virusinfo.prevx.com
0.0.0.0 legal-at-spybot.info
0.0.0.0 spybot.info
0.0.0.0 http://www.legal-at-spybot.info
0.0.0.0 http://www.spybot.info
0.0.0.0 superantispyware.com
0.0.0.0 http://www.superantispyware.com
0.0.0.0 ads.techguy.org
0.0.0.0 forums.techguy.org
0.0.0.0 http://www.ads.techguy.org
0.0.0.0 http://www.forums.techguy.org

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Christian

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\CHRIST~1\AppData\Local\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Christian\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\CHRIST~1\FAVORI~1

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Atheros AR5007EG Wireless Network Adapter
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{3DD470C3-1ADF-406E-8B14-C58D3B03567A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3DD470C3-1ADF-406E-8B14-C58D3B03567A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{3DD470C3-1ADF-406E-8B14-C58D3B03567A}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

Ok ceci a suivre .

o Redémarrer l'ordinateur en mode sans échec (au démarrage de l'ordinateur, tapoter F8)
o cliquer droit sur SmitfraudFix.exe et choisir "Exécuter en tant qu'administrateur"
o Sélectionner 2 et pressez Entrée dans le menu pour supprimer les fichiers responsables de l'infection.
o A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et pressez Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.
o Le fix déterminera si le fichier wininet.dll est infecté.
o A la question: Corriger le fichier infecté ? répondre O (oui) et pressez Entrée pour remplacer le fichier corrompu.
o Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage. Le rapport se trouve à la racine du disque système C:\rapport.txt

rebonsoir

J'ai suivi les instructions. Quelques réglages ont disparus : page d'acceuil; fonction exécuter; favoris; fond d'écran....
En fait, ils ne sont que désactiver. Le système semble marchait correctement

Je tiens à remercier toute l'équipe qui bénévolement vient en aide à toute personne pour qui l'informatique cause problème.

bon très bien, et cela arrive que l'on est ces désactivations sans gravité comme tu le signale.

Par contre tu peux me mettre se second rapport que le vérifies que tout est bien.

et fait ceci en plus.

Installe Malewarebytes' Antimalware,
Téléchargement et tuto

Met-le à jour puis passe en mode sans échec :
http://www.pcloisirs.eu/mode_sans_echec.htm

Choisi, Exécuter un examen complet (environ 1heure)
Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) ? cliquez sur Oui ? choisissez Outils dans la barre de navigation sur la gauche ? Résident et là vous pouvez décocher les cases situées devant les deux outils.

re,

-j'avais scanné ce matin avec Malwarebytes en mode sans échec ==> rien trouvé!
-Spybot : je l'ai abandonné depuis longtemps

encore deux choses:
-Mon fichier Hosts pèse 20 MO, zeb Help Process bloque sur ce fichier Hosts. Pas grave , je remettrai celui d'origine.
-Second problème: Le deuxième compte (invité) doit-il être aussi rectifié. il me semble que rien n'a été rectifié;
A+

Rebonsoir,

Voici le rapport aprés nettoyage

Zeb Help Process v2.32.1 by Nicolas Coolman - Rapport Général du 07/11/2008 22:12:03

Rapport de ZHPDiag v1.1.3.7 par Nicolas Coolman
Enregistré le 07/11/2008 22:11:26
Platform : Windows Vista Home Premium (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000

---\\ Processus lancés
%ProgramFiles%\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
RtHDVCpl.exe
Skytel.exe
C:\Windows\ehome\ehTray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
%windir%\system32\svchost.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

---\\ Modification d'une valeur System.ini (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm

---\\ Redirection du fichier Hosts (O1)
O1 - Hosts: Liste des erreurs:
O1 - Hosts: ne pas la supprimer!
O1 - Hosts: ---------------------------------
O1 - Hosts: ---------------------------------

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Program Files\CoreStreet\SpoofStick\SpoofStickBHO.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Program Files\CoreStreet\SpoofStick\SpoofStick.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: inetcpl.cpl=no

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwarede ... _0_3_4.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/fl ... rashim.cab

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

---\\ Clé de Registre autorun SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira Premium Security Suite Pare-feu (AntiVirFirewallService) - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Planificateur Avira Premium Security Suite (AntiVirScheduler) - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Service d'assistance Avira Premium Security Suite MailGuard (AVEService) - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: eLock Service (eLockService) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service (eNet Service) - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService (MobilityService) - C:\Acer\Mobility Center\MobilityService.exe -p
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: ePower Service (WMIService) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SA.DAT
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SCHEDLGU.TXT

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: (no name) - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10a.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: Atheros Extensible Wireless LAN device driver (athr) - C:\WINDOWS\system32\DRIVERS\athr.sys
O41 - Driver: AvFw Packet Filter Miniport (avfwim) - C:\WINDOWS\system32\DRIVERS\avfwim.sys
O41 - Driver: avfwot (avfwot) - C:\WINDOWS\system32\DRIVERS\avfwot.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\Avira Premium Security Suite\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\Avira Premium Security Suite\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Pilote pour Batterie à méthode de contrôle ACPI Microsoft (CmBatt) - C:\WINDOWS\system32\DRIVERS\CmBatt.sys
O41 - Driver: Dritek Keyboard Filter Driver (DKbFltr) - C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Intel PRO/1000 NDIS 6 Adapter Driver (E1G60) - C:\WINDOWS\system32\DRIVERS\E1G60I32.sys
O41 - Driver: ENE CIR Receiver (enecir) - C:\WINDOWS\system32\DRIVERS\enecir.sys
O41 - Driver: Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio (HdAudAddService) - C:\WINDOWS\system32\drivers\HdAudio.sys
O41 - Driver: (no object) (HSFHWAZL) - C:\WINDOWS\system32\DRIVERS\VSTAZL3.SYS
O41 - Driver: (no object) (HSF_DPV) - C:\WINDOWS\system32\DRIVERS\VSTDPV3.SYS
O41 - Driver: int15 (int15) - C:\Acer\Empowering Technology\eRecovery\int15.sys
O41 - Driver: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHDA.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: Pilote d’E/S du mappage de découverte de topologie de la couche de liaison (lltdio) - C:\WINDOWS\system32\DRIVERS\lltdio.sys
O41 - Driver: Service Pilote de fonction de classe Moniteur Microsoft (monitor) - C:\WINDOWS\system32\DRIVERS\monitor.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Filtre NativeWiFi (NativeWifiP) - C:\WINDOWS\system32\DRIVERS\nwifi.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: Upper Class Filter Driver (NTIDrvr) - C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
O41 - Driver: NVIDIA nForce 10/100/1000 Mbps Ethernet (NVENETFD) - C:\WINDOWS\system32\DRIVERS\nvmfdx32.sys
O41 - Driver: (no object) (nvlddmkm) - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
O41 - Driver: (no object) (nvsmu) - C:\WINDOWS\system32\DRIVERS\nvsmu.sys
O41 - Driver: Miniport réseau étendu WAN (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu WAN (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - C:\WINDOWS\system32\DRIVERS\rassstp.sys
O41 - Driver: (no object) (rimmptsk) - C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
O41 - Driver: (no object) (rimsptsk) - C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
O41 - Driver: Ricoh xD-Picture Card Driver (rismxdp) - C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
O41 - Driver: Répondeur de découverte de topologie de la couche de liaison (rspndr) - C:\WINDOWS\system32\DRIVERS\rspndr.sys
O41 - Driver: (no object) (sdbus) - C:\WINDOWS\system32\DRIVERS\sdbus.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: Pilote de protocole IPv6 Microsoft (Tcpip6) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de carte miniport Microsoft Tun (tunmp) - C:\WINDOWS\system32\DRIVERS\tunmp.sys
O41 - Driver: Pilote de carte miniport Microsoft IPv6 Tunnel (tunnel) - C:\WINDOWS\system32\DRIVERS\tunnel.sys
O41 - Driver: Conexant Setup API (UIUSys) - C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: (no object) (vga) - C:\WINDOWS\system32\DRIVERS\vgapnp.sys
O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: (no object) (winachsf) - C:\WINDOWS\system32\DRIVERS\VSTCNXT3.SYS
O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys
O41 - Driver: (no object) (WUDFRd) - C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.60 beta
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Bel Atout 4.20
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: Eusing Free Registry Cleaner
O42 - Logiciel: ffdshow [rev 1763] [2008-01-08]
O42 - Logiciel: Foxit Reader
O42 - Logiciel: Free Registry Defrag
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: hpHosts
O42 - Logiciel: NTI Backup NOW! 4.7
O42 - Logiciel: NTI CD & DVD-Maker
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Launch Manager
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: oggcodecs 0.71.0946
O42 - Logiciel: Avira Premium Security Suite
O42 - Logiciel: Revo Uninstaller 1.75
O42 - Logiciel: SpoofStick for Internet Explorer 1.02
O42 - Logiciel: System Requirements Lab
O42 - Logiciel: TopOCR 3.1
O42 - Logiciel: ZebHelpProcess 2.32
O42 - Logiciel: Acer Mobility Center Plug-In
O42 - Logiciel: Acer eLock Management
O42 - Logiciel: OpenOffice.org 3.0
O42 - Logiciel: Paint.NET v3.36
O42 - Logiciel: Acer Crystal Eye webcam
O42 - Logiciel: Acer eAudio Management
O42 - Logiciel: RealSpeak Solo pour la voix francaise Virginie
O42 - Logiciel: Acer ePower Management
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
O42 - Logiciel: Microsoft Works
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Acer ScreenSaver
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Acer Empowering Technology
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Microsoft Sites publics français
O42 - Logiciel: PowerProducer 3.72
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Acer ePresentation Management
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: Acer eNet Management
O42 - Logiciel: MSXML 4.0 SP2 (KB941833)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Acer eSettings Management
O42 - Logiciel: Acer Crystal Eye Webcam
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: Windows Live installer

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Borland Shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory - C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\muvee Technologies
O43 - CFD:Common File Directory - C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory - C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory - C:\Program Files\Common Files\System
O43 - CFD:Common File Directory - C:\Program Files\Common Files\WindowsLiveInstaller

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\Windows\System32\Faultrep.dll -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\FNTCACHE.DAT -->14/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\ieframe.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\iertutil.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\jsproxy.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mrt.exe -->07/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.tlb -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\mstime.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\netapi32.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\ntkrnlpa.exe -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\ntoskrnl.exe -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\NVCOSMB.DLL -->20/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\NVCOSMU.DLL -->21/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvLsp.dll -->08/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvsmb.nvu -->19/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvsmu.nvu -->27/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvuninst.exe -->27/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvusmb.exe -->20/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\nvusmu.exe -->21/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfc009.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfc00C.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfh009.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\perfh00C.dat -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\PerfStringBackup.INI -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\tmp.reg -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\tmp.txt -->07/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\urlmon.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wersvc.dll -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\win32k.sys -->18/09/2008
O44 - LFC:Last File Created - C:\Windows\System32\win32spl.dll -->12/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\wininet.dll -->02/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuapi.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuapp.exe -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuauclt.exe -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuaueng.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wucltux.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wudriver.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wups.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wups2.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\wuwebv.dll -->16/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\athr.sys -->18/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\avipbb.sys -->06/11/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mbam.sys -->22/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mbamswissarmy.sys -->22/10/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf -->31/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\nvsmu.sys -->25/08/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\srv.sys -->27/08/2008

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\7ZG.EXE-0F8C4081.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ACER CRYSTAL EYE WEBCAM.EXE-57133E31.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ACER.EMPOWERING.FRAMEWORK.SUP-54963495.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ADDALIAS.EXE-E50258CE.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-266877213-989904699-3031314254-1000.snp.db -->12/10/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-266877213-989904699-3031314254-1000.snp.db -->20/08/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db.trx -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC2.db -->27/10/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC3_6D864410.db -->12/10/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFaultHistory.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFgAppHistory.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlGlobalHistory.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-266877213-989904699-3031314254-1000.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-266877213-989904699-3031314254-1001.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-266877213-989904699-3031314254-1000.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-266877213-989904699-3031314254-1001.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgRobust.db -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVCENTER.EXE-166F9BBD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVFWSVC.EXE-4F5E532D.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVGNT.EXE-9DE7A975.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVGUARD.EXE-E511DB0F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVNOTIFY.EXE-5083BD95.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVWSC.EXE-606B7021.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\BELATOUT.EXE-19136B85.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CALC.EXE-77FDF17F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CDMKR32.EXE-3BB1E0CC.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CHECKT.EXE-F0583F3F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CHKNTFS.EXE-4D884E7D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CSCRIPT.EXE-D1EF4768.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CSRSS.EXE-3FE41F7E.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-5458ADF9.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DXDIAG.EXE-1F1A4BF5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EAUDIO.EXE-EE0A24DD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EHMSAS.EXE-2D3B2F21.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ENMTRAY.EXE-19B3589B.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EPOWER_DMC.EXE-F199D292.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ERAGENT.EXE-16B8E741.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIND.EXE-E2237F6D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FINDSTR.EXE-2E9C6FE2.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIREFOX.EXE-CA3DC40A.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIREFOXPORTABLE.EXE-D7BA457B.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FLASHUTIL10A.EXE-F38539B4.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FOXIT READER.EXE-AD4251B5.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GREEDY.EXE-ABAB5DBF.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GUARDGUI.EXE-D6B7C48D.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEUSER.EXE-7C0FE221.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IPCONFIG.EXE-912F3D5B.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\Layout.ini -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LMANAGER.EXE-9D025777.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LOGON.SCR-30601369.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MBLCTR.EXE-29A20134.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MFPMP.EXE-26F35380.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MINIREG.EXE-FB2EAC96.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MMC.EXE-9FDFCD4D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MOBILITYCENTER.EXE-D203ABDA.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MPAS-D.EXE-40FE95BA.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MPSIGSTUB.EXE-3EA045BF.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSPAINT.EXE-76E10B24.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSWORKS.EXE-494EE618.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PAINTDOTNET.EXE-018D93AD.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PERFMON.EXE-E34F662B.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PfSvPerfStats.bin -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\POLICIES.EXE-2F1136FF.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-2F4708C9.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PREUPD.EXE-7CA64FC5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\REVOUNINSTALLER.EXE-34C92DCE.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RTKBTMNT.EXE-BD527623.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-623046C7.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-704FC1FF.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-828A2096.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-8BCA13E7.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-AAB1BBB5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SCALC.EXE-A77089B3.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SCHED.EXE-8FB11738.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SETUP_WM.EXE-674F654A.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SIDEBAR.EXE-FA75EA61.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SIMPRESS.EXE-2417020B.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SKYTEL.EXE-7920123E.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SMITFRAUDFIX.EXE-81B3C343.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SMSS.EXE-E9C28FC6.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SOFFICE.BIN-FFFF76B3.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SOFFICE.EXE-0C715DD8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SWRITER.EXE-8AC04745.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SYSTEMPROPERTIESADVANCED.EXE-68C7C4F0.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-64B3993D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TWEAKHOSTS.EXE-01E9ADD9.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\UPDATE.EXE-46794DF4.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\USNSVC.EXE-5FE071D8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\USRREQ.EXE-110148C7.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WARREG_POPUP.EXE-1DD95359.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINCAL.EXE-0681BC65.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINMAIL.EXE-1092D371.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKCALREM.EXE-28FF8702.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKDSTORE.EXE-AC552969.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKSCAL.EXE-CB244E0D.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKSDICT.EXE-4194467F.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WKSSS.EXE-83F61EE9.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WLLOGINPROXY.EXE-9E0DCEF8.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf -->06/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WORDPAD.EXE-D7FD7414.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WRITEACERADAPTERKEY.EXE-C47871BB.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf -->05/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHP2.EXE-2B098B11.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPDIAG.EXE-1A37E1DF.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPDIAG.EXE-8DACDC00.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPL 2.32.1.EXE-986A571F.pf -->07/11/2008
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ZHPL 2.32.1.TMP-2C8CF97E.pf -->07/11/2008

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\Windows\System32\scecli.dll

---\\ Recherche d'infection de Base de Registres (O71)
O71 - BDRI:[hklm\software\microsoft\security center]:firewalldisablenotify - 0x00000000
O71 - BDRI:[hklm\software\microsoft\security center]:antivirusdisablenotify - 0x00000000
O71 - BDRI:[hklm\software\microsoft\security center]:updatesdisablenotify - 0x00000000

Lignes traitées 258/276

Bonjour

SmitfraudFix a rétabli les Host . Rapport Zeb Help Process OK

par contre il y a surement des lignes en confusion dedans ton fichier HOST.
Tu devrais le rétablir a l'orogine je pense.

soit que cela comme indique le mien.

127.0.0.1 localhost

Bonjour.

Dans Spybot, Outils, Fichier Hosts, tu supprimes ce dernier.

Télécharge Hoster :
http://www.funkytoad.com/download/HostsXpert.zip

Dézippe le sur le bureau.
Lance Hoster par clic droit et Exécuter en tant qu'administrateur, clique sur "Restore Microsoft's Hosts File".

Tu retournes dans Spybot et tu réinstalles le fichier de Patrick Kolla.

@+

bonsoir,

merci pour l'excellent travail fourni
pour le fichier hosts, je m'en tiens à mon post "hosts à jour" que j'ai mis sur le forum

encore merci et à bientot

Forum-vista : Entraide et dépannage Windows Vista et Windows Seven

nouveau Zeb Help Process

nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process

Re: nouveau Zeb Help Process