Que dois-je faire je suis largé...

Bonjour,
Voilà, j'ai un PC que j'entretiens avec Malwarebyte's et Antivir.

Alors voilà, je suis un peu sceptique sur le comportement de mon PC.

Hier antivir m'a trouvé :
-TR/Murdak.A.36

Après une recherche sur Google j'apprend sur une page anglaise que cela est du à la présence de combofix...

En quelque sorte un faux positif, à mon avis...

Cependant je ne comprend pas la présence de Combofix puisque lors d'une précédente Infection apparemment de longue date, j'avais utilisé Toolscleaner.

Voici, ci-joint, un log RSIT.
Note : un jour, on m'avait demandé ce qu'était mon lecteur E:, il correspond à mon lecteur DVD-RAM.

Je suis vraiment sceptique car ce matin coupure non voulue (reboot quoi).
J'espère avoir tout dis et que mes phrases soient compréhensibles.

AHHH !!! Problème !! Je me trouve dans une impasse puisque ma mère a mit un mot de passe session donc, pour utiliser les outils, ça va être coton...

MERCI PAR AVANCE !

Logfile of random's system information tool 1.05 (written by random/random)
Run by HP_Administrateur at 2009-01-24 13:02:08
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 116 GB (79%) free of 146 GB
Total RAM: 958 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:02:29, on 24/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\program files\fichiers communs\installshield\updateservice\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Administrateur\Bureau\RSIT.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HP_Administrateur.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://adfarm.mediaplex.com/ad/ck/709-29563-11896-1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSScheduler] "c:\program files\fichiers communs\installshield\updateservice\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Dancer] "C:\Program Files\Windows Plus\Dancer\Dancer.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: MOH.lnk = C:\Program Files\OLITEC\MOH\LtMoh.exe
O4 - Startup: VirtualExpander.lnk = C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: SMCWUSB-G2 Wireless Utility.lnk = C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{02605FB9-5DCB-474D-9308-713FA00F0F01}: NameServer = 192.168.1.1
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10593 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for HP_Administrateur.job
C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for HP_Administrateur.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-23 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-23 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-23 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-22 16261632]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-15 249856]
"ftutil2"=C:\WINDOWS\system32\ftutil2.dll [2004-06-07 106496]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-04-13 90112]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2005-08-03 77312]
"SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-12-14 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-12-14 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-12-14 217088]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"ISUSScheduler"=c:\program files\fichiers communs\installshield\updateservice\issch.exe [2004-07-27 81920]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-01-14 399504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-23 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dancer"=C:\Program Files\Windows Plus\Dancer\Dancer.exe [2005-01-12 188416]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-12-19 1434864]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Contrôleur de calendrier Ulead.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
SMCWUSB-G2 Wireless Utility.lnk - C:\Program Files\SMC\SMCWUSB-G2 Wireless Utility\ZDWlan.exe

C:\Documents and Settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage
MOH.lnk - C:\Program Files\OLITEC\MOH\LtMoh.exe
VirtualExpander.lnk - C:\WINDOWS\system32\VirtualExpander\VirtualExpander.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoLogoff"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\AOL 9.0a\waol.exe"="C:\Program Files\AOL 9.0a\waol.exe:*:Enabled:AOL"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\Setup.EXE

======List of files/folders created in the last 1 months======

2009-01-24 12:12:51 ----D---- C:\Program Files\SpeedFan
2009-01-24 04:22:04 ----A---- C:\FindyKill.txt
2009-01-24 04:21:25 ----D---- C:\Program Files\FindyKill
2009-01-24 01:53:29 ----D---- C:\Program Files\VS Revo Group
2009-01-23 19:06:01 ----D---- C:\Program Files\Fichiers communs\Apple
2009-01-23 19:05:55 ----D---- C:\Program Files\QuickTime
2009-01-23 19:05:52 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-23 19:05:28 ----D---- C:\Program Files\Apple Software Update
2009-01-23 19:05:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-23 19:03:48 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-23 19:03:48 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-23 19:03:48 ----A---- C:\WINDOWS\system32\java.exe
2009-01-21 20:20:04 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-01-20 18:08:07 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Canon
2009-01-20 18:05:46 ----D---- C:\Program Files\Canon
2009-01-20 18:00:10 ----A---- C:\WINDOWS\system32\UCS32P.DLL
2009-01-20 18:00:09 ----A---- C:\WINDOWS\system32\N067UFW.DLL
2009-01-20 18:00:09 ----A---- C:\WINDOWS\system32\CNQU70.DLL
2009-01-20 17:56:20 ----HD---- C:\CanoScan
2009-01-19 18:52:29 ----D---- C:\rsit
2009-01-18 21:30:27 ----D---- C:\Program Files\UsbFix
2009-01-15 16:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 20:08:57 ----SHD---- C:\RECYCLER
2009-01-14 19:16:10 ----A---- C:\WINDOWS\zip.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\VFIND.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\SWSC.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\SWREG.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\sed.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\grep.exe
2009-01-14 19:16:10 ----A---- C:\WINDOWS\fdsv.exe
2009-01-14 19:16:05 ----D---- C:\WINDOWS\ERDNT
2009-01-10 23:07:43 ----D---- C:\NVIDIA
2009-01-10 23:02:26 ----D---- C:\Program Files\SystemRequirementsLab
2009-01-09 10:59:01 ----SHD---- C:\WINDOWS\CSC
2009-01-03 21:48:15 ----D---- C:\Program Files\Free Video Converter
2009-01-03 21:15:36 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\DivX
2009-01-03 21:13:01 ----D---- C:\divx
2009-01-02 21:51:39 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-01-02 21:51:08 ----D---- C:\Program Files\Messenger Plus! Live
2009-01-02 21:34:31 ----D---- C:\Program Files\Windows Installer Clean Up
2009-01-02 21:33:59 ----D---- C:\Program Files\MSECACHE
2008-12-31 14:54:36 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Google
2008-12-31 11:39:57 ----A---- C:\WINDOWS\ActiveSkin.INI
2008-12-31 11:39:57 ----A---- C:\UNWISE.EXE
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwssr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwss.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmobls.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvgames.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvdisps.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-12-25 19:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-12-25 14:07:56 ----A---- C:\WINDOWS\system32\ZyDelReg.exe
2008-12-25 14:07:56 ----A---- C:\WINDOWS\system32\ZDPN50.DLL
2008-12-25 14:07:56 ----A---- C:\WINDOWS\system32\InsDrvZD64.DLL
2008-12-25 14:07:56 ----A---- C:\WINDOWS\system32\InsDrvZD.dll
2008-12-25 14:07:54 ----D---- C:\Program Files\SMC

======List of files/folders modified in the last 1 months======

2009-01-24 13:02:17 ----D---- C:\WINDOWS\Prefetch
2009-01-24 12:49:11 ----D---- C:\Program Files\Mozilla Firefox
2009-01-24 12:47:18 ----AD---- C:\WINDOWS
2009-01-24 12:46:18 ----D---- C:\WINDOWS\Temp
2009-01-24 12:21:47 ----D---- C:\WINDOWS\Registration
2009-01-24 12:12:51 ----RD---- C:\Program Files
2009-01-24 12:12:50 ----D---- C:\WINDOWS\system32
2009-01-24 05:58:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-01-24 04:20:08 ----D---- C:\WINDOWS\ERUNT
2009-01-24 02:17:54 ----A---- C:\WINDOWS\win.ini
2009-01-24 02:00:04 ----D---- C:\Program Files\Lavalys
2009-01-24 01:39:06 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-24 01:39:05 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-23 23:31:48 ----SD---- C:\WINDOWS\Tasks
2009-01-23 22:30:05 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-23 19:06:32 ----SHD---- C:\WINDOWS\Installer
2009-01-23 19:06:32 ----D---- C:\Config.Msi
2009-01-23 19:06:01 ----D---- C:\Program Files\Fichiers communs
2009-01-23 19:03:34 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-23 19:03:31 ----D---- C:\Program Files\Java
2009-01-22 20:44:58 ----D---- C:\WINDOWS\system32\drivers
2009-01-22 20:44:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-21 20:20:04 ----HD---- C:\WINDOWS\inf
2009-01-21 20:20:02 ----D---- C:\Program Files\Google
2009-01-20 18:05:46 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-20 18:04:10 ----D---- C:\WINDOWS\twain_32
2009-01-20 18:02:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-19 18:52:50 ----D---- C:\Program Files\Trend Micro
2009-01-18 21:36:51 ----D---- C:\WINDOWS\system32\FxsTmp
2009-01-18 21:18:30 ----D---- C:\Documents and Settings
2009-01-17 12:55:53 ----D---- C:\WINDOWS\Help
2009-01-17 12:48:09 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-15 20:15:39 ----A---- C:\TCleaner.txt
2009-01-15 18:06:21 ----D---- C:\WINDOWS\Debug
2009-01-15 16:46:50 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-15 16:46:20 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-14 19:18:55 ----A---- C:\WINDOWS\system.ini
2009-01-14 19:18:14 ----D---- C:\WINDOWS\AppPatch
2009-01-12 21:35:27 ----A---- C:\Documents and Settings\HP_Administrateur\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
2009-01-12 07:23:37 ----D---- C:\WINDOWS\nview
2009-01-10 23:02:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-08 19:02:04 ----SD---- C:\Documents and Settings\HP_Administrateur\Application Data\Microsoft
2009-01-07 14:57:03 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\dvdcss
2009-01-04 14:55:13 ----D---- C:\Program Files\NetMeeting
2009-01-04 11:15:02 ----RSD---- C:\WINDOWS\assembly
2009-01-04 11:15:02 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-03 21:47:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-03 21:45:29 ----D---- C:\WINDOWS\WinSxS
2009-01-03 21:20:43 ----D---- C:\Program Files\DivX
2009-01-02 21:43:31 ----D---- C:\Program Files\Windows Live
2009-01-02 21:40:44 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-26 17:21:47 ----A---- C:\WINDOWS\WININIT.INI
2008-12-26 11:31:39 ----D---- C:\WINDOWS\system32\NtmsData
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nview.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\keystone.exe
2008-12-25 13:15:43 ----HD---- C:\hp
2008-12-25 13:03:27 ----D---- C:\WINDOWS\system32\config
2008-12-25 13:03:07 ----D---- C:\WINDOWS\system32\wbem
2008-12-25 13:02:45 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-12-25 13:02:04 ----DC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2008-12-25 13:02:03 ----D---- C:\Program Files\Windows Desktop Search

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2005-08-03 22784]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2005-08-03 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2005-08-03 4992]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2005-08-03 10112]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-25 4353024]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-11 22016]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-03 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-03 13056]
R3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2004-10-11 211712]
R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-13 19072]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 Ca533av;Icatch(IV) Video Camera Device; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-26 1149888]
S3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2005-08-03 19200]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 RT73;USB Wireless 802.11 b/g Adaptor Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-13 252928]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBCamera;Icatch(IV) Still Camera Device; C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-07-25 10986]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2005-08-03 58880]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-23 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-06-21 49152]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-01-14 170640]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

-----------------EOF-----------------

Configuration: Windows XP
Firefox 3.0.5